Head - Cyber Security - FMCG

Job Description

Position: Head- Cyber security

Key Tasks and Responsibilities:

- Responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.

- Requires a leader with sound knowledge of business management and a working knowledge of information security technologies.

- Proactively work with business units to implement practices that meet defined policies and standards for information security.

- Develop, maintain and publish up-to-date information security policies, standards and guidelines. Oversee the approval, training, and dissemination of security policies and practices.

- Develop and manage information security budgets, and monitor them for variances.

- Manage information security and risk management awareness training programs for all employees, contractors and approved system users.

- Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of risk.

- Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program.

- Monitor the external threat environment for emerging threats, and advise relevant stakeholders on the appropriate courses of action.

- Coordinate the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.

Qualifications:

- 10+ years of experience in a combination of risk management, information security and IT jobs.

- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.

- Proven track record and experience in developing information security policies and procedures, as well as successfully executing programs that meet the objectives of excellence in a dynamic environment.

- Knowledge and understanding of relevant legal and regulatory requirements, such as Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry/Data Security Standard.