IT Security Advisor - Data Management

Position Title:	IT Security Advisor - Data Management	Application Deadline Date:	31 Jul 2013
Position Location:	Possible Locations: Kuala Lumpur, India or Latin America Caribbean Region	Position Start Date	31 Jul 2013
Region:	Asia	Position End Date:	31 Jul 2099
Requisition Category:	International	Recruitment Priority:	Need Immediately
Country Name:	Malaysia	Program/Office Name:	GICT - Information Security
City/Province:	Possible Locations: Kuala Lumpur, India or Latin America Caribbean Region	Employee Type:	Contract
Job Grade Level:	16/164	Recruitment Status:	Actively Recruiting
Is this a family post?	Family - Spouse with Children
		Requisition Num:	2012AFERBRE-936U6W

PURPOSE OF POSITION:

The IT Security Advisor for Data Management will be responsible for the identification, classification and overall data security governance structure of World Vision’s data and data management program. 


KEY RESPONSIBILITIES:

INFORMATION/DATA SECURITY:
• Defines, identifies and classifies information assets.
• Assesses threats and vulnerabilities regarding information assets and recommends the appropriate security controls and measures.
• Develops and manages security measures for information systems to prevent security breaches.
• Consults with clients on the data classification of their resources
• Provides reports to leaders regarding the effectiveness of information security and makes recommendations for the adoption of new policies and procedures.
• Develops and implements strategies to align information security with business objectives and goals, protecting the integrity, confidentiality and availability of data.
  RISK ASSESSMENTS:
• Works directly with the customers and other internal departments and organizations to facilitate IT risk analysis and risk management processes and to identify acceptable levels of residual risk.
• Reviews risk assessments, analyzes the effectiveness of IT control activities, and reports on them with actionable recommendations.
• Evaluates security risks and identifies and defines compliance strategies in accordance with policies and standards.
• Provides management with risk assessments and security briefings to advise them of critical issues that may affect customer, or corporate security objectives.
• Communicates with multiple departments and levels of management in order to resolve technical and procedural IT security risks.
• Develops remediation strategies to mitigate risks associated with the protection of infrastructure and information assets.
  STRATEGY:
• Provides strategic and tactical direction and consultation on security and IT compliance.
  POLICIES, PROCEDURES, & STANDARDS:
• Maintains an up-to-date understanding of industry best practices.
• Develops, enhances and implements enterprise-wide security policies, procedures and standards across multiple platform and application environments.
• Monitors the legal and regulatory environment for developments.
• Recommends manages implementation of required changes to IT policies and procedures.
• Monitors compliance with security policies, standards, guidelines and procedures.
• Ensures security compliance with legal and regulatory standards.
  BUSINESS REQUIREMENTS:
• Engages directly with the business to gather a full understanding of project scope and business requirements.
• Assesses business needs against security concerns and articulates issues and potential risks to management.
• Consults with other business and technical staff on potential business impacts of proposed changes to the security environment.
• Provides security-related guidance on business process.
  SECURITY SOLUTIONS:
• Works closely with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls.
  OPERATIONS SOLUTIONS:
• Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
• Defines and validates baseline security configurations for operating systems, applications, networking and telecommunications equipment.
  SECURITY AUDITS:
• Performs security audits.
• Participates in security investigations and compliance reviews as requested by external auditors.
• Consults with clients on security violations.
• Acts as liaison between internal audit and IT to ensure commitments are met and controls are properly implemented.
  BUSINESS CONTINUITY/DISASTER RECOVERY:
• Develops impact analysis.
• Assists business partners with the determination of critical business processes and systems.
• Identifies and coordinates resolution of recovery issues. 
  COMMUNICATIONS/CONSULTING:
• Serves in an advisory role in application development projects to assess security requirements and controls and ensures that security controls are implemented as planned.
• Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
• Provides input for the development of the security architecture.
• Informs stakeholders about compliance and security-related issues and activities affecting the assigned area or project.
• Interfaces with business and IT leaders communicating security issues and responding to requests for assistance and information.​
• Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.

KNOWLEDGE, SKILLS & ABILITIES:

REQUIRED:
• Bachelor’s Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
• Requires in-depth knowledge of information lifecycle management and data classification schemas.
• Requires in-depth knowledge of data loss prevention (DLP) tools and technologies.
• Typically requires 7 - 10 years of combined IT and security work experience with a broad range of exposure to DLP technologies.
• Recommended Security Certification (i.e., Certified Information Systems Security Professional (CISSP), Certified Information Security Manage (CISM), or Global Information Assurance Certification (GIAC).

FOR QUESTIONS ONLY CONTACT WORLD VISION HERE

Downloadable Version (Must Have Adobe Acrobat Reader to view)
If you do not have Adobe Acrobat Reader CLICK HERE.

---

ITSecurityAdvisor-Da.pdf

Click here for further details and application