Global Information Security Manager (CISO)
|Office:||Hengelo, Sliedrecht, Utrecht|
|Business area:||Internal IT, Management|
As Information Security Manager (CISO), you are accountable for embedding security within Unit4 programs globally and transformation by identifying security threats and risks, and enabling project teams to develop and deliver control strategies.
You engage with stakeholders for change programs to ensure adequate security engagement, manage security risks and threats and monitor the delivery of mitigation strategies. You will work with a virtual team of business and technical competencies, to carry out risk assessment and management activities and deliver business-aligned security controls.
What will you do
- Identifying security risks through established risk assessment methodologies and defining associated control strategies for projects, programs and transformation;
- Leading the architecture of technical security controls, and supporting design, delivery and maintenance;
- Providing security assurance to internal and external stakeholders for major programs of work affecting Unit4 systems and information;
- Communicating a dashboard of project, program and transformation security risks to stakeholders.
- Information Security
Provides leadership and guidelines on information assurance security expertise for the organization, working effectively with strategic organizational functions such as legal experts and technical support to provide authoritative advice and guidance on the requirements for security controls. Provides for restoration of information systems by ensuring that protection, detection, and reaction capabilities are incorporated.
- Stakeholder Relationship Management
Initiates and influences relationships with and between key stakeholders. Is influential and diplomatic in negotiations with other departments/organizations and formulates knowledge-sharing strategies. Acts as a single point of contact for senior stakeholders and influencers. Supports effective business change by building relationships with and between senior strategists, planners, designers and operational business partners.
- Information Assurance
Develops corporate Information security policy, standards and guidelines. Prepares and maintains organizational strategies that address the evolving business risk and information control requirements. Operates as a focus for Information assurance governance expertise for the organization, working effectively with strategic organizational functions such as legal experts and technical support to provide authoritative advice and guidance on the requirements for security controls.
- Technology Audit
Manages risk-based audit of existing and planned technology systems. Identifies areas of risk and evaluates adequacy and effectiveness of organization’s approach to risk in use of IT. Communicates associated risks of a complex nature to middle and senior managers. Recommends changes in procedures and control procedures based on audit findings. Collates conclusions and recommendations, and presents audit findings to management regarding the effectiveness and efficiency of control mechanisms in information systems. Engages with providers of other IT assurance such as compliance audits, quality assurance functions and other technical specialists.
- Business Risk Management
Carries out risk assessment within a defined functional or technical area of business. Uses consistent processes for identifying potential risk events, quantifying and documenting the probability of occurrence and the impact on the business. Refers to domain experts for guidance on specialized areas of risk, such as architecture and environment. Coördinaties the development of countermeasures and contingency plans.
- Security Administration
Develops strategies for ensuring the security of automated systems. Ensures that the policy and standards for security are fit for purpose, current and are correctly implemented. Reviews new business proposals and provides specialist advice on security issues and implications.
Support stakeholders in the realization of security governance benefits. Ensure the ongoing mapping between security governance practices and business objectives. Identify strategic drivers for security governance scope and framework adoption. Drive enterprise adoption and benefits realization of security performance measures. Coordinate the strategy of security governance with other risk functions. Engage in external activities to develop and maintain security frameworks.
- Information Security Strategy
Ensure the ongoing relevance of security strategy to internal and external drivers. Support senior stakeholders in their understanding of the strategy and benefits. Sponsor programs to implement the strategy.
- Risk Assessment and Management
Can assess risks, utilizing diverse methodologies to achieve optimal outcomes. Can gain management commitment to risk management and identified controls. Can drive the optimization of security and business risk management. Identifies emerging sector threats and risks. Can map threats and risks to specific industry bodies, procedures and impacts.
What we offer
You will work in an organization with a rich history, starting 38 years ago. A leading provider of Enterprise and Business software applications with almost 4000 employees working in 26 countries empowering people in service organizations. We enable people to use business applications at work or at school with the latest technologies and trends.
As Information Security Manager (CISO) you will have the chance to work at a headquarters of an international company working closely with C-level executives. We offer you a job in an organization which is in continuous change, as the industry sectors we serve continuously requires us to provide new and smarter software solutions.
You can keep up to date with new technologies, our products and developments in the Business Software industry and more importantly you can apply them. You will receive a competitive salary package, which consists of a base salary and bonus. In addition to secondary employment conditions, you will also receive a company car.
Please apply with your LinkedIn profile or CV when you are interested in this job.