02 Jul Recruitment – Position: Country BISO
Position: Country BISO.
This document defines the skills required to perform the responsibilities of a Country BISO and serves as a guide in fulfilling his/her responsibilities:
A Country Business Information Security Officer (BISO) is accountable for all IS activities including but not limited to oversight the IS Risk Management to the Franchise and its processes.
Reports to a business manager with a matrix line to a GISO.
- Master in IS/IT related area preferable.
- At least 5 years’ experience in IS and at least 2 IS programs including, but not limited to, Audit Reviews, IS Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment.
- Knowledge of key government regulations and local laws.
- Excellent consulting and problem solving skills.
- Able to convey ideas to senior management and staff.
- Advanced IT technical knowledge.
- In depth knowledge of IS programs.
- Advanced presentation skills, program management, and relationship management skills.
- Able to work with senior business management to implement IS strategy.
- Ensures alignment of IS program with business strategy.
- Drives constructive procedural changes to ensure effective risk-based implementation of IS requirements.
- Summarizes the IS status to the business in business terms.
- Oversees compliance with all business IS program elements, policies, standards, and guidelines; e.g., CISS.
- Establishes relationships with business managers and is consulted as a subject matter expert in multiple areas.
- Participates in sector-level and corporate-level governance or program processes / committees to provide adequate representation for some aspect of program management. E.g., ISRA Working Group, TPISA Working Group.
- Proactively manages risk and control through the identification, escalation, and solution development for compliance and audit issues including direct interaction and coordination with internal control officers.
CV GỬI VỀ EMAIL: email@example.com