Profession chief ict security officer

Chief ICT security officers protect company and employee information against unauthorized access. They also define the Information System security policy, manage security deployment across all Information Systems and ensure the provision of information availability.

Would you like to know what kind of career and professions suit you best? Take our free Holland code career test and find out.

Personality Type

  • Conventional / Investigative

Knowledge

  • Audit techniques

    The techniques and methods that support a systematic and independent examination of data, policies, operations and performances using computer-assisted audit tools and techniques (CAATs) such as spreadsheets, databases, statistical analysis and business intelligence software.

  • ICT security legislation

    The set of legislative rules that safeguards information technology, ICT networks and computer systems and legal consequences which result from their misuse. Regulated measures include firewalls, intrusion detection, anti-virus software and encryption.

  • ICT network security risks

    The security risk factors, such as hardware and software components, devices, interfaces and policies in ICT networks, risk assessment techniques that can be applied to assess the severity and the consequences of security threats and contingency plans for each security risk factor.

  • Organisational resilience

    The strategies, methods and techniques that increase the organisation's capacity to protect and sustain the services and operations that fulfil the organisational mission and create lasting values by effectively addressing the combined issues of security, preparedness, risk and disaster recovery.

  • Information security strategy

    The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.

  • ICT security standards

    The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.

  • Cyber security

    The methods that protect ICT systems, networks, computers, devices, services, digital information and people against illegal or unauthorised use.

  • Decision support systems

    The ICT systems that can be used to support business or organisational decision making.

Skills

  • Implement ICT risk management

    Develop and implement procedures for identifying, assessing, treating and mitigating ICT risks, such as hacks or data leaks, according to the company's risk strategy, procedures and policies. Analyse and manage security risks and incidents. Recommend measures to improve digital security strategy.

  • Utilise decision support system

    Use the available ICT systems that can be used to support business or organisational decision making.

  • Maintain plan for continuity of operations

    Update methodology which contains steps to ensure that facilities of an organisation are able to continue operating, in case of broad range of unforeseen events.

  • Lead disaster recovery exercises

    Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as on recovery of data, protection of identity and information and which steps to take in order to prevent further problems.

  • Manage IT security compliances

    Guide application and fulfillment of relevant industry standards, best practices and legal requirements for information security.

  • Implement corporate governance

    Apply a set of principles and mechanisms by which an organisation is managed and directed, set procedures of information, control flow and decision making, distribute rights and responsibilities among departments and individuals, set corporate objectives and monitor and evaluate actions and results.

  • Ensure information privacy

    Design and implement business processes and technical solutions to guarantee data and information confidentiality in compliance with legal requirements, also considering public expectations and political issues of privacy.

  • Ensure compliance with legal requirements

    Guarantee compliance with established and applicable standards and legal requirements such as specifications, policies, standards or law for the goal that organisations aspire to achieve in their efforts.

  • Manage disaster recovery plans

    Prepare, test and execute, when necessary, a plan of action to retrieve or compensate lost information system data.

  • Monitor technology trends

    Survey and investigate recent trends and developments in technology. Observe and anticipate their evolution, according to current or future market and business conditions.

  • Ensure adherence to organisational ICT standards

    Guarantee that the state of events is in accordance with the ICT rules and procedures described by an organisation for their products, services and solutions.

Optional knowledge and skills

train employees ict recovery techniques coffeescript javascript tools for ict test automation swift smalltalk optimise choice of ict solution c++ internet governance world wide web consortium standards r apl cyber attack counter-measures web application security threats ml perl matlab microsoft visual c++ ict system user requirements lisp cobol erlang computer forensics visual basic abap python sas language typescript objective-c internet of things pascal c# computer programming common lisp java ict process quality models coordinate technological activities create solutions to problems manage staff software anomalies openedge advanced business language haskell scala scratch php ruby ict encryption asp.net sap r3 groovy use different communication channels prolog vbscript ajax assembly