Information Security Specialist at DSV

Job description

Main Purpose:

The Information Security Specialist is responsible to safeguard company information system assets by identifying and remediating potential and actual security threats, vulnerabilities and weaknesses.

This person will take full responsibility for the regional DSV information system security including defining the security strategy as well as developing and implementing the information security roadmap in alignment with the central global IT strategy & Policies.

Duties and Responsibilities:

• Provide direction and consultation on information security and compliance.
• Creation, maintenance and socialization of security policies, procedures and standards in alignment with global policies, procedures and standards.
• Develop a local information security risk assessment framework to accurately assess all internal and external threats and vulnerabilities in accordance to the DSV security policy
• Inform local users about security measures, explain potential threats & implement security measures in accordance to the DSV security policy.
• Safeguards information system assets by identifying and solving potential and actual security problems.
• Establish and implement an information security governance framework commensurate with the assessed information security risk facing the business.
• Protects local system by defining access privileges, control structures, and resources.
• Recognizes problems by identifying abnormalities; reporting violations.
• Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
• Determines security violations and inefficiencies by conducting periodic audits.
• Keeps stakeholders informed by preparing performance reports; communicating security status.
• Maintains quality service by following organization security standards.
• Perform regular information security assessments & attestations, compliance reviews and information security audits with associated management reporting with a view towards continuous improvement.
• Create and institute measures to safeguard sensitive information within the local DSV computer network in alignment with central policies & procedures.
• Perform penetration and other intrusion tests on the IT network to identify potential weaknesses.
• Identify and drive information security improvement initiatives in response to identified threats, vulnerabilities and weaknesses.
• Monitor and analyze information security performance and compliance reports and escalate issues as needed.
• Work closely with client project implementation teams to provide security guidance and to identify, assess and mitigate potential information security threats and vulnerabilities.
• Serve in an advisory role in application development and infrastructure projects to assess security requirements and controls and ensure that security controls are implemented as planned.
• Develop and deliver IT risk & security awareness and compliance training programs in the business.
• Build and maintain relationships with operational and sales organizations to understand and anticipate internal and external customer needs and market demand
• Stay abreast with developments and best practice in IT Security as a profession
• Stay abreast with country security regulations and ensure adherence to any country specific regulatory requirements
• Provide support with completion of tenders on security matters

Electives:

• PMBOK
• SDLC experience (Waterfall & Agile)
• C#.Net development

Qualifications:

• Grade 12 / Standard 10 Certificate.
• B.Com Informatics / BSc Informatics / Computer Sciences Degree or 3-year IT Diploma.
• Relevant Information security related certificates / courses.

Computer Skills:

• System Administration,
• Network Architecture & Security design,
• Firewall Administration
• N+ and Security+ certification, Cisco CCIE, CCNP or related certification.
• Other security related qualifications like CEH, GPEN.
• Premier cyber security specific certifications like (ISC)2, CISSP or ISACA CISM.

Minimum Requirements:

• Minimum 5 years’ experience in a senior information security role with a strong focus and understanding of all information security related threats facing big business today.
• Ability to operate at technical and strategic level, both internally and with clients.
• Good interpersonal, written, and oral communication skills, from technical to strategic level.
• Experience working in a global context across time zones and countries and as a part of virtual teams.
• Financial acumen; understanding the impact of changes in working capital on business.
• Experience working within a global IT governance framework.
• Able to prioritize and execute tasks in a high-pressure environment