Senior Information Security Officer at The Central Securities Clearing System (CSCS) Plc

Job Description

• Regularly review and update security protocols to adapt to new threats and technologies. Implement measures to enhance data protection and privacy across the network. Stay abreast of emerging cybersecurity trends to ensure the organization's security practices remain up-to-date.
• Establish protocols for swiftly responding to and resolving security incidents to minimize potential damage. Monitor network activity for signs of potential breaches or unauthorized access. Coordinate with relevant teams to investigate and address any security breaches promptly.
• Configure and customize the ForeScout solution to maximize network security effectiveness. Monitor and analyse network traffic to identify and mitigate potential threats. Ensure that access controls align with the organization's security policies and requirements.
• Develop and deliver engaging security awareness training programs for employees to enhance their knowledge of cybersecurity best practices. Conduct regular phishing simulation exercises to educate employees about the dangers of phishing attacks and enhance their ability to identify and report suspicious emails.
• Perform regular vulnerability assessments to identify weaknesses in the CSCS network that could be exploited by cyber attackers. Conduct penetration testing to simulate real-world attacks and evaluate the effectiveness of existing security measures. Implement remediation measures to address identified vulnerabilities and improve overall network security.
• Work with relevant departments to ensure that policies, procedures, and controls align with the ISO 27001 standard. Conduct internal audits to assess compliance with ISO 27001 requirements and identify areas for improvement. Prepare documentation and evidence to demonstrate adherence to ISO 27001 standards during the audit process.
• Engage with the risk assessment team to identify and assess potential security risks to the organization. Develop and implement controls and mitigation strategies to address identified risks effectively. Regularly review and update risk assessments to adapt to changing threats and vulnerabilities in the cybersecurity landscape.

Requirements

• B.Sc. in Computer science or other related courses.
• Must have relevant security certifications eg CISSP, CISM, ISO 27001, CompTIA Sec+ etc.
• At least 5years experience in different information security related domains. Eg SOC, VAPT, ISO 27001 implementation, Security governance, Security awareness and simulation.