Business Information Security Officer – Corporate (Global)
WSP is a global consulting firm assisting public and private clients to plan, develop, design, construct, operate and maintain thousands of critical infrastructure projects around the world.
Position Summary
WSP’s Information Security Office (ISO) is responsible for the deployment of the information security framework in to both the IT organization and wider business community. This includes the Governance mechanisms, policies and processes, tools and technologies, and employee training required to protect WSP information and that of our clients.
The role of Business Information Security Officer – Corporate works directly with WSP’s Global IT organization and with our other Corporate Services such as HR, Finance and Health and Safety. It is a primarily internally facing role, though it may involve some interaction with clients and third parties. The role has a dual reporting relationship to the CISO and to the CIO.
This position requires a senior management professional with relevant experience and a strong working knowledge of IT security, risk management, regulatory compliance, information and public cloud service technology, IT operations management principles, and third-party security management.
Responsibilities:
• Working directly with business leadership at all levels of the organisation to deliver an effective, world class information security program.
• Establish and maintain the Information Security Governance framework; including running the Information Security Committee; coordinating IS risk management, executive reporting and participate in other forums where information security input and approval is required based on documented policies and processes.
• Implementing and Operating the ISO270001 aligned Data and Information Security Management System.
• Enhancing the security culture within Global IT and Corporate Services, driving business change initiatives and owning security e-learning.
• Developing and maintaining an understanding of IS requirements, including regulatory/legal requirements. Working with key stakeholders, including the Head of Legal and Corporate leads to provide input and security assurance for new bids and acquisitions.
• Working with the corporate IT teams and providing security guidance for new IT projects (working with the Security Architect function where needed)
• Liaise with the relevant functions – Risk Management, Commercial, HR, Legal, Compliance, Procurement, Facilities / Physical Security - to ensure IS coordination and risk management.
• The management and co-ordination of any security incident response.
• Provide SME and guidance on any security needs or requirements. Act as an advisor to the Corporate Services leads on all information security related matters.
• Work with the CISO and ISO on the Global Information Security Framework; contributing to the development of new processes, identifying and resolving risks and providing regular reports on security matters and metrics.
Leadership and People Responsibilities:
• Displays leadership and independence in performing their role, with an ability to make complex decisions with limited input and review from senior staff.
• High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
• Assist in the training, and coaching of new and existing staff, and provide coaching to staff executing all aspects of information security and risk assessment and support.
• Develop positive working relationships with other team members and business partners and partner across teams to align with WSP internal and external client demands.
• Capable of rapidly assimilating and internalizing complex business, technology, and risk management concepts and dependencies.
• Capable of clearly defining, presenting and selling recommended strategies to senior management teams.
• Critical thinker with strong problem-solving skills, project management skills; financial/budget management, scheduling and resource management.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate between specialized groups of business unit and IT professionals.
• Accommodation of schedule for international conference calls.
Finance/Budgetary Responsibilities:
• Support the CISO in developing the budget projections based on objectives
Requirements:
Required
• 8+ years related senior level experience in Information Security, IT risk, IT Audit or a similar position involving IT and business change
• Graduate of a four-year college or university, preferably with a degree in computer science or information management, or Professional certification in one or more of the following disciplines — IT governance (e.g., CGEIT), security (e.g., CISSP, CISM), internal audit (CISA) or Payment Card Industry (PCI)
• Working (not necessarily technical) knowledge of security technologies (encryption, data protection, network intrusion prevention, host intrusion prevention, firewalls, privilege access, etc.)
• Working (not necessarily technical) knowledge of enterprise IT security concerns and technologies, including but not limited to VPNs, network security, encryption, authentication, application-level network protocols, PKI, IPSec, Firewall, SSH, SSL, DES, LAN/WAN, and TCP/IP
• Knowledge of security best practices (applications, network and client setups)
• Experience with IT Governance frameworks such as COBIT, ITIL and ISO 2700x
• Experience with governance, compliance and audit within IT environments
• Experience of risk management, including risk analysis, mitigation and monitoring
• Knowledge of information security regulations applicable to WSP
Preferred
• Master's degree in IT, Computer Science, Engineering or related field
Learn more & how to apply
Location - This position can be located at any of our WSP offices Globally.
Nordic locations can be our WSP offices in Sweden, Finland, Denmark or Norway.
Apply through this ad or contact Sr TA partner EMEAI/Nordics Henrik.Jansson@wsp.com if you are interested in learning more about the Nordic positions/locations.
We are looking forward to your application!
Last application date 2024-05-12
- Affärsområde
- OneIT
- Locations
- Stockholm, Stockholm - Globen, Göteborg, Malmö
- Remote status
- Hybrid Remote
Vi förväntar oss mycket, det bör även du göra!
-
Drivs av passionerade medarbetare
Det är viktigt för oss att våra kolleger kommer till jobbet varje dag med nyfikenhet, driv och med en känsla av att bidra till samhället. Vi är ett levande bevis på att en stimulerande och öppen arbetsmiljö där alla fyller en viktig plats, uppskattas och får det stöd de behöver är en katalysator för framstående prestationer. -
En hållbar framtid genom design
Genom att utforska framtiden hittar vi inspiration till att leverera bra, effektiva och hållbara projekt. När vi har utforskat alla möjligheter utmanar vi oss själva för att skapa nya. Vi har ett ansvar att tänka nytt både i leveranserna till våra kunder och i hur vi driver vår egen verksamhet. -
Inspirerade av mångfald, drivna av inkludering
Vi tror på öppenhet, nyfikenhet och allas lika värde oavsett bakgrund och förutsättningar. Vi välkomnar ett brett spektrum av perspektiv och färdigheter eftersom vi vet att olika idéer skapar extraordinära resultat.
Arbetsplats och kultur
WSP har vuxit snabbt - men vi har behållit det lilla företagets möjligheter till nytänkande och personligt engagemang.
En glädjande siffra är att 94 % av våra medarbetare rekommenderar andra att jobba här. Det är vi mycket stolta över, men vi slår oss inte till ro utan jobbar kontinuerligt med vår medarbetarutveckling och de karriärmöjligheter som finns.
För oss är det viktigt med engagemang, relationer och hög trivsel. Därför erbjuder vi också många interna nätverk, flera idrottslag och sociala aktiviteter efter jobbet– ett vinnande koncept för tighta team.
Vi gillar varandra!
About WSP Sverige
We are one of the world’s leading engineering and professional services firms. Our 67,000 passionate people are united by the common purpose of creating positive, long-lasting impacts on the communities we serve through a culture of innovation, integrity, and inclusion.
Business Information Security Officer – Corporate (Global)
Loading application form