Site Information Security Officer

Vacancy details

General information

Reference

2021-14251  

Job level

40 - Experienced

Position description

Posting title

Site Information Security Officer

Regular/Temporary

Regular

Job description

The Site Information Security Officer will directly report solid-line to the Site Digital IT manager or Site Digital IT Service Delivery Manager, and shall cover all business and support functions at the site.

Person can be asked to travel in ST worldwide, whenever needed

Main accountabilities will be

- Ensure that information security risks at the site are known and managed

- Ensure that the information security framework is implemented at the site, supporting all functions at the site

- Raise Information Security awareness at the site, at all levels

- Participate actively to the detection and reaction to Information Security related anomalies or incidents

- Ensure that local IT solutions / industrial solutions, site services (such as physical security, facilities and canteen systems), labs and warehouses are properly managed for security

- Ensure that site services do follow the security procedures (security in contracts, connection to ST network, security for cloud services…)

- Be the Information Security technical reference at the site, making the link with the Security Operations Center

- Be the primary interface for the site with Central Information Security organization, including for site-based information security audits (certification, customer, internal) and actions triggered by Central Information Security organization

Profile

The position shall be fulfilled by a professional with the relevant experience and technical skills and shall have proven track records in this function.

- Ability to cover the entire scope of information security

- Expertise in several domains of cyber security (such as network, system, application, incident management, awareness, vulnerability management, audit and risk assessment…)

- Ability to interact with people at all levels and all domains (directors, managers, experts...)

- Experience in doing security training and briefing sessions with management

- Good facilitation, communication and influence skills

- Ability to treat several topics in parallel, to "clarify the unknown", to translate technical aspects into risks and to communicate on those risks.

- Ability to consider short-term as well as longer term actions and to anticipate

- Trustworthy. Rigorous. Pro-active

- Security certification is a plus (CISSP)

 

- 5-10 years’ experience covering several domains of information security

- Bachelor in information security or equivalent experience

(BTech/MCA) - Min 60%

Position location

Job location

Asia-Pacific, India, Greater Noida

Candidate criteria

Education level required

4 - Bachelor degree

Experience level required

6-10 years

Languages

English (2- Business fluent)

Requester

Desired start date

01/09/2021