Security Governance Consultant

Responsibilities:

Under the direct supervision of Lead, Cyber security Governance:

Develop, implement and monitor strategic, comprehensive enterprise information security and IT risk management programmes to ensure that the integrity, confidentiality and availability of information is managed and controlled by client organizations

Provide regular reporting on the current status of the information
security program to senior management and business units as part of a
strategic enterprise risk management program


Implement governance programmes including an information security
steering committee or advisory board


Create, communicate and implement process for risk management,
including the assessment and treatment of identified risks. Work directly
with business units and stakeholders throughout the organization on
identifying acceptable levels of residual risk. Report and oversee
treatment efforts


Create and manage information security and risk management
awareness training programmes for all employees, contractors and
approved system users


Develop, maintain and publish up-to-date information security policies,
standards and guidelines. Oversee the approval, training, and
dissemination of security policies and practices


Develop and enhance an information security management framework
based on the ISO 27000 standards. Create a framework for roles and
responsibilities with regard to information ownership, classification,
accountability and protection


Coordinate information security and risk management projects. Provide
strategic risk guidance for IT projects

Monitor the external threat environment for emerging threats and advise

Relevant stakeholders on the appropriate courses of action

Manage security incidents and events to protect corporate IT assets,
including intellectual property, sensitive data and the organization’s
reputation


Develop and oversee effective disaster recovery policies and standards.
Coordinate the development of implementation plans and procedures to
ensure that business-critical services are recovered in the event of a
security event. Provide direction, support and in-house consulting in
these areas


Liaise among external and internal stakeholders, including audit, legal
and HR management teams as required, to ensure that the organization
maintains an appropriate security posture

Manage information security specialists and consultants

Perform other related duties and fulfil responsibilities as required

What we are looking for:

University degree (Bachelors’ degree) or equivalent experience in
computer science, information systems, mathematics, statistics or
related field


Minimum of 10 years’ experience in information security, risk
management, or IT-Security or security incident response or security
testing related jobs

Experience in developing information security policies and procedures, as well as successfully esecuting programmes

Knowledge of common information security management frameworks,
such as ISO/IEC 27001, ITIL, COBIT, etc.

Ability to understand technical and business aspects of IT risk, and to communicate those risks to management, business and technical units so that the organization can make informed decisions regarding appropriate levels of information security control.

Strong analytical and problem-solving skills.

• Ability to act calmly and competently in high-pressure, high-stress situations.
  

Excellent written and verbal communication skills, interpersonal and collaborative skills.

High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity.

High degree of initiative, dependability and ability to work with little supervision.

Desirable:

Experience in achieving and maintaining ISO 27001 certification

Three years’ experience working in security consulting engagements

Project management skills and ability to manage multiple projects under

strict timelines.

Certification in CISM, CRISC, CGEIT, CISSP

English written and oral proficiency. Spanish is a plus

We offer:

Join us at the right time to make your mark in a fast-growing organization

Various missions and projects that will allow you to have a real impact on the company

The ability to work autonomously and to drive new initiatives

✨ A career path adapted to your personality, both in terms of role and location

A strong culture, based on sharing, respect, ambition, and team spirit

The opportunity to manage teams and develop your area of expertise by leading one of our squads

Develop your management and leadership skills , because, at Ekkiden , consultants look after the careers of other consultants. Gone are the days when your career was driven by a salesman !

❤ H ealth insurance