Manager Information Security at WNS Global Services

Job description

Main purpose:

To ensure the organisations Information Security Management System is maintained and the compliance of staff and policies, procedures, guidelines and standards used to support the effectiveness of the ISMS.

Key Responsibilities:

• Carry out all ISMS activities to ensure maintenance of ISO 27001:2005, PCI-DSS certifications at respective locations
• Conduct client risk assessments and ensure client’s information security requirements are effectively addressed
• Assist Information Security Manager / CISO in overseeing compliance activities relating to information security and privacy
• Act as the central coordinator for actual / potentially disruptive incidents at the location and follow laid protocol of Incident Management
• Lead investigations where Information Security breaches occur
• Leading site BCM Activities

Qualifications required:

• Relevant tertiary qualification
• Industry related certification required (e.g. CISM, CISA, CIA etc) preferred
• ISO 27001 Lead Auditor preferred
• CISSP preferred

Experience required:

• At least 5 years of professional experience in either a technical IT Risk or an IT Security role
• BPO industry experience would be advantageous
• BCM experience preferred
• Knowledge, skills and attributes required:
• Excellent communication skills (written and verbal)
• Excellent understanding of ISO27001 and PCI-DSS, and integration and maintenance within an ISMS
• Good working knowledge of security related legal and regulatory requirements
• Good working knowledge of Business Continuity and Disaster Recovery
• Ability to manage and deliver projects through to successful conclusion
• Knowledge of IT Corporate Governance Principles
• Ability to evaluate and analyse threat, vulnerability, impact and risk to security issues discovered from security assessments
• Advise on InfoSec security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems
• Manage information protection and data privacy with an understanding of POPIA and European GDPR
• Strong understanding of Information technology / IT security concepts
• A good understanding of various information system technologies including: Active directory, Networking, LAN / WAN, firewalls, IDS / IPS, Log management systems, web content filtering systems, enterprise Antivirus management systems, Patch management, OS hardening guidelines, etc
• Information system auditing experience
• Sound working knowledge of the latest Microsoft packages (Word, Excel, PowerPoint & Outlook)
• Meticulous attention to detail
• Ability to work under pressure to strict deadlines
• Ability to works towards team and individual targets
• Building and maintaining effective working relationships, both internal and external