
ISMS Manager

Date: Sep 3, 2021

Location: Pune, IN

Company: Bekaert NV

PURPOSE OF THE JOB
Data privacy and cyber security have become a paramount concern for organizations undergoing digital transformation. With organized cyber-crime and state-sponsored crime, cyberattacks are becoming more sophisticated, more targeted and more serious. The current threat landscape means Bekaert needs to be prepared for both the complex cyberattacks of today and the next generation of threats. Bekaert has decided to establish an Information Security Management System (ISMS), a set of policies and procedures for systematically managing an organization's sensitive data. The aim is to create a security-aware culture and manage risks before cyber criminals exploit them.
Bekaert is looking for an ISMS Manager to drive its information security governance, risk and compliance program.
 

Key Responsibility
The ISMS Manager will be primarily responsible for the following:
• Recommend information technology policies, standards and guidelines by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements.
• Communicate and create awareness of security policies, framework, processes and guidelines.
• Develop Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the cyber security program and monitor their achievement on a periodic basis.
• Identify, evaluate and report on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.
• Perform security gap assessments to check compliance with Bekaert's security policies and framework. Explain and articulate potential business risks to key stakeholders.
• Assess the information security posture, identify the gaps/risks in the existing environment and develop solutions to mitigate the identified gaps/risks. Track risks until they are closed or mitigated.
• Own the Information Security Risk register and apprise the IT leadership team and relevant stakeholders of identified cyber security risks.
• Monitor and identify the top human risks to our organization and the behaviors we need to change to mitigate those risks.
• Develop, manage and implement a positive security awareness program that focuses on changing behaviors both at work and at home.
• Lead the creation and procurement of awareness deliverables and learning content, leveraging various channels for effective delivery in our global organization; measure the usage of the content and its effectiveness, and develop metrics.
• Be responsible for the day-to-day operation of the phishing assessment program.

Skills & Competencies
• Experience working in information security and a demonstrable understanding of the concepts of information security
• Knowledge of security policies and principles of information handling and protection
• Understanding of risk concepts, including risk identification, evaluation, mitigation, and measurement
• Experience deploying and measuring the effectiveness of security awareness for a global audience, leveraging LMS, webcasts, and other technology
• Experience in leveraging industry standards and frameworks such as ISO/IEC 17799, ISO/IEC 27001, COBIT, ITIL, etc.
• In-depth knowledge of security and privacy controls and the risk management process
• Skilled in executive-level presentations and briefings
• Maintains awareness of the current security threat landscape

Education

• An advanced degree in Computer Science, Information Security, or a related discipline, or equivalent work experience

Certification Requirements:
• 12 years of work experience in Information Governance, IT Audit, IT Security, or IT Risk Management
• Certifications such as ISO 27001 LA/LI, ISO 22301 LA/LI, CISSP, CISA, CISM, or Global Information Assurance Certification (GIAC) are preferred


Job Segment: Law, Risk Management, Manager, Computer Science, Procurement, Legal, Finance, Management, Technology, Operations