Consumer Company Chief Information Security Officer
THIS SEARCH WAS SUCCESSFULLY COMPLETED.
Our Client
Our client is a data-driven marketing and loyalty analytics company. It provides clients with the customer insights they need to make smarter business decisions and build relevant, rewarding and long-term one-to-one relationships, evolving the value exchange to the mutual benefit of both clients and consumers.
The full job description covers all associated skills, previous experience, and any qualifications that applicants are expected to have.
The company operates globally from a Canadian head office.
The Role
Reporting to the Global Chief Information Officer, the Chief Information Security Officer (CISO) is responsible for identifying, recommending and overseeing the delivery of an information security plan to support the organization’s desired security posture in safeguarding its assets and those entrusted to its care to fulfill its mission and operate as a going concern. This is a new role within the organization and as such, represents a unique opportunity to make a significant impact on the company. More specifically, the CISO will be responsible for :
Information security plan
- Identifies organization’s information security requirements in-line with regulatory, contractual, and business objectives and proposes roadmap for Management consideration.
- Develops information security management plan, in-line with approved roadmap and objectives while ensuring measurable results.
- Establishes governance of security activities and manages the appropriate governance forums to report and discuss security results and strategy.
Information security management
Develops and implements an information security management process to achieve and monitor progress of information security plan.Monitors market developments and makes assessments on their applicability within the organization.Establishes policies in-line with organizational objectives.Liaises with vendors and business groups to embed information security related requirements in SLAs.Conducts and / or participates in regular audits to verify the achievement of required information security levels and provides the required reporting.Reports on plan progress, information security compliance and improvement initiatives.Manages budgets and resources including forecasting and reporting on actual vs budget.Manages the selected strategic partner to deliver security as a service to all business divisions within the company.Collaborates with the business and IT organizations to ensure the business risks are clearly understood and managed appropriately.Defines and implements an IT risk management framework.Partners with internal and external auditors, as well as operational risk and compliance personnel to manage IT risk agenda.Conducts risk assessments on systems and architecture solutions to ensure operation in accordance with information security requirements.Develops risk mitigation plans and ensures implementation of required actions.Presents these plans to the relevant executive committees at both the global and divisional levels.Key Competency Profile
Candidates should exhibit the following competency profile.
Strategic Approach
Able to stand back from immediate problems in order to focus on more far-reaching ideas and develops a strategic plan to realize the vision.Revises strategy in light of changing circumstances.Takes a long-term view of organizational success.Works to clarify long-term organizational goals.Problem Solving
Develops several explanations or alternatives.Divides problems into their individual elements.Draws parallels across situations and contexts.Separates the core of a problem from its symptoms and can identify cause and effect.Influence
Articulates the key points of an argument persuasively.Directly and indirectly impacts the decisions / opinions of others.Negotiates skillfully and convinces others to own point of view.Communication
Comprehends communications from others and responds appropriately.Expresses ideas in a clear, fluent and concise manner.Written and oral arguments are compelling and responsive to the needs of the audience.People Management
Adapts management style to achieve optimum results.Clarifies roles and responsibilities.Establishes and communicates clear priorities and sense of direction.Role Expertise
Demonstrates critical technical or professional knowledge / skills related to the role.Expands technical knowledge / skills and keeps up-to-date in own area of expertise.Has thorough knowledge of relevant products, services and methods.Key Candidate Qualifications
At least 10 years’ experience in information security / IT.Experience in IT security consulting an asset.Experience in loyalty marketing and / or consumer data handling required.Experience managing teams including geographically dispersed teams.Experience in working in a Security as a Service model with a strategic partner.Fluent in English, written and verbal; French verbal an asset.Education Requirements
Undergraduate degree ideally in information management, computer science or business.CISSP, CISA / CISM certifications an asset.J-18808-Ljbffr
