Profession chief ICT security officer
Chief ICT security officers protect company and employee information against unauthorized access. They also define the Information System security policy, manage security deployment across all Information Systems and ensure the provision of information availability.
- ICT security legislation
The set of legislative rules that safeguards information technology, ICT networks and computer systems, and the legal consequences that result from their misuse. Regulated measures include firewalls, intrusion detection, anti-virus software and encryption.
- Information security strategy
The plan defined by a company which sets the information security objectives and measures to mitigate risks, define control objectives, establish metrics and benchmarks while complying with legal, internal and contractual requirements.
- ICT security standards
The standards regarding ICT security such as ISO and the techniques required to ensure compliance of the organisation with them.
- Cyber security
The methods that protect ICT systems, networks, computers, devices, services, digital information and people against illegal or unauthorised use.
- ICT network security risks
The security risk factors, such as hardware and software components, devices, interfaces and policies in ICT networks, the risk assessment techniques that can be applied to assess the severity and the consequences of security threats, and the contingency plans for each security risk factor.
- Audit techniques
The techniques and methods that support a systematic and independent examination of data, policies, operations and performances using computer-assisted audit tools and techniques (CAATs) such as spreadsheets, databases, statistical analysis and business intelligence software.
- Decision support systems
The ICT systems that can be used to support business or organisational decision making.
- Organisational resilience
The strategies, methods and techniques that increase the organisation's capacity to protect and sustain the services and operations that fulfil the organisational mission and create lasting values by effectively addressing the combined issues of security, preparedness, risk and disaster recovery.
- Lead disaster recovery exercises
Head exercises which educate people on what to do in case of an unforeseen disastrous event in the functioning or security of ICT systems, such as on recovery of data, protection of identity and information and which steps to take in order to prevent further problems.
- Ensure compliance with legal requirements
Guarantee compliance with established and applicable standards and legal requirements such as specifications, policies, standards or law for the goal that organisations aspire to achieve in their efforts.
- Ensure adherence to organisational ICT standards
Guarantee that the state of events is in accordance with the ICT rules and procedures described by an organisation for their products, services and solutions.
- Manage IT security compliances
Guide application and fulfilment of relevant industry standards, best practices and legal requirements for information security.
- Implement ICT risk management
Develop and implement procedures for identifying, assessing, treating and mitigating ICT risks, such as hacks or data leaks, according to the company's risk strategy, procedures and policies. Analyse and manage security risks and incidents. Recommend measures to improve digital security strategy.
- Utilise decision support system
Use the available ICT systems that can be used to support business or organisational decision making.
- Implement corporate governance
Apply a set of principles and mechanisms by which an organisation is managed and directed, set procedures of information, control flow and decision making, distribute rights and responsibilities among departments and individuals, set corporate objectives and monitor and evaluate actions and results.
- Monitor technology trends
Survey and investigate recent trends and developments in technology. Observe and anticipate their evolution, according to current or future market and business conditions.
- Maintain plan for continuity of operations
Update the methodology which contains steps to ensure that the facilities of an organisation are able to continue operating in case of a broad range of unforeseen events.
- Ensure information privacy
Design and implement business processes and technical solutions to guarantee data and information confidentiality in compliance with legal requirements, also considering public expectations and political issues of privacy.
- Manage disaster recovery plans
Prepare, test and execute, when necessary, a plan of action to retrieve or compensate for lost information system data.
Source: Sisyphus ODB