Technical Information Security Officer - Data Security

Harris Global
From £80,000 to £100,000 per annum Benefits + Bonus
12 Oct 2016
20 Oct 2016
Contract Type
Technical Information Security Officer - Data Security Description Harris Global is partnered with a leading investment management firm operating in more than 20 countries, the firm are looking for a Technical Information Security Officer with a strong focus on data security. The role will be based in Henley (near Reading) Job Purpose: This role is accountable for driving the Data Security projects for the organization. Under limited supervision, the candidate will get an opportunity to work with a wide variety of business stakeholders and IT professionals to ensure organizational security needs/ controls are aligned to support business goals and objectives, as directed. Key Responsibilities / Duties: · Act as a subject matter expert for review and approval of security designs, configurations, baselines, and technical standards and identification · Driving implementation of data security controls across IT with a focus on database security, and providing security consulting services to Information Security / IT on projects & general support matters · Owns the collaboration between Information Security and IT teams to support the data security program · Align with stakeholders, IT and Business aligning and setting data security standards with business goals and objectives · Responsible for the implementation of database security controls across the organization. Works with the security operation team in effective Database access monitoring · Execute on security strategy, drive data security projects, and ensure implementation and transition to operational support · Manages efforts for the facilitation of the security program. This will include driving the awareness and adoption of data classification across business units · Implement and administer data security controls and processes and define interaction model with the privacy function · Works on identifying IS risks and the appropriate controls for development, day-to-day operation, and remediation of non-compliance · Assist in research, design, and advocate new technologies, architectures, and security products that will support data driven security infrastructure requirements for the organization, business partners and vendors · Review/update DLP configurations to align with cyber threat intelligence and security monitoring processes · Assess effectiveness of data security controls i.e. encryption, data classification, DLP and report risk to the security management · Monitors changes in the risk profile · Provides ad-hoc security advice and supports risk assessments whenever data security technical expertise is required · Assists security Incident Response and forensic teams in the investigation as required · Report to management recurring risk, vulnerabilities and other security exposures, including misuse of information assets and non-compliance with enterprise security architecture · Maintain risk register · Perform additional duties as assigned or requested Qualifications Work Experience / Knowledge: · Eight plus years IT experience with 6 focused on Security · Experienced in database access, database compliance (Oracle, SQL), enterprise cloud solutions, encryption tools, and DLP tools · Demonstrated experience running an enterprise wide initiative and understanding of all domains of security · Understanding of technical standards for unstructured data (access right, encryption, etc.), data classification, structured data, cloud, endpoint protection solutions, data at rest, in motion, in use, etc. · Experience working in large / global corporate environments involving multiple business units or functions · Expert knowledge of data encryption technologies applied against structured data, Unstructured data, Storage & Backups, Email, File Sharing, B2B connections · Hands on experience with implementation of following data security technologies e.g. Tokenization, Data masking, Database Permissions · Experience in the monitoring technologies e.g. Central Logging, Database Access Monitoring, DLP, Analytics, advanced Perimeter and Endpoint Monitoring · Experienced with implementing a Data Classification framework · Ability to engage with senior leaders to define requirements and implement technology solutions that add value and reduce risk · Good understanding of audit / risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security · Working knowledge of industry standards such as NIST, ISO, COBIT, COSO or ITIL · Financial services and project management experience highly desired Skills / Other Personal Attributes Required: · Proven ability to effectively sell ideas and build consensus at all levels within the organization · Track record of success in planning and implementing large projects · Entrepreneurial spirit; hands-on and quick decision-maker · Strong analytical skills with ability to define, collect, analyze data, establish facts, draw valid conclusions, and make fact-based decisions · Strong communicator (written and verbal) and listener · Motivated self-starter with ability to work independently and remotely with limited supervision · Possesses diplomacy and cooperative style necessary to interface effectively with all personalities and across functional disciplines This job was originally posted as