Job Purpose:
As Lead of Governance and Information Protection, this role is responsible and accountable for these technical areas:Governance Risk and Compliance: Develop and implement a comprehensive cybersecurity governance framework aligned with industry best practices, regulations, and organization objectives. Information Protection: Develop and implement a comprehensive strategy for safeguarding sensitive information, data assets and access management. Security awareness and training: Develop and deliver training programs to raise users’ awareness about cybersecurity, policies, and threats to foster a positive cybersecurity culture throughout the organization. Cybersecurity program: Develop and execute strategic roadmap for the organization cybersecurity program for IT and OT in line with business requirements and objectives.
Qualifications and Experience:
Graduate and/or Master’s Degree qualifications in either Computer Science, Information Technology, or a related discipline.10+ years’ experience in a similar role, in large enterprise environments (>1000 users), with multiple geographic locations. Oil and Gas experience (or manufacturing industries) is preferred. Professional certifications in Information Security and/or Information technology – CISSP and/or CISM at minimum is required. Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies. Knowledge of and experience in managing, developing and documenting security programs and plans, including strategic, tactical, and operational plans. Strong analytical skills to analyze security requirements and relate them to appropriate security controls. Strong communication skills, including written, oral and presentation skills. Must be fluent in English. Knowledge and experience in Enterprise IT/OT security technologies, services, and processes Professional certification in Industrial Cybersecurity e.g., GICSP or similar) is desirable. Knowledge of Industrial Cybersecurity standards is desirable. Exposure to program and project management is desirable. Vendor management skills and ability to define and negotiate effective SLAs and service KPIs with vendors. Extensive technological domain knowledge to understand integration of digital products with IT systems & architecture. Good knowledge of the business to understand business requirements and implications on organization operations.