Information Risk Manager
This job is no longer active!
View all jobs ALTEN Romania active
View all jobs Information Risk Manager active on Hipo.ro
View all jobs IT Hardware active on Hipo.ro
View all jobs IT Software active on Hipo.ro
ALTEN Romania, part of the international ALTEN Group - with a unique position as Leader in IT & Engineering Consulting, provides support for its clients’ development strategies in the fields of innovation, R&D and IT systems since 1996. The company comprises 2 divisions specialized on its core capabilities: ENGINEERING and IT. These two divisions are: ALTEN TECHNO and ALTEN KEPLER.Requirements
• At least 3 years acting as a senior information risk officer or similar role
• At least 3 years experience working within the financial industry is considered an advantage
• Knowledge of information security principles and concepts, risk management concepts, IT security standards and best practices
• Good understanding of technical concepts related to networking, infrastructure and application security, endpoint technologies, physical and virtual data center hosting
• Experience in the design, development, implementation and operational support of mission critical solutions in large scale environments and organizations and security controls for these solutions
• Experience in monitoring activities of IT controls at both technical and operational level
• Any of the following would be an advantage: CompTIA Security+, CCNA, CCNA Security, SSCP, CISSP, CISM, CRISC, CISA, CEH
• BA/BS degree (IT, Automatics & Computer Science, Cybernetics, Electronics preferred), or equivalent experience, security qualifications and accreditation
• Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members.
• Oversee as well as being involved in the activities of the information risk division
• Perform Business Impact Assessments and Risk Assessments on information assets, projects or programs with IT component
• Oversee specific fist line of defense IT operations reacting to IT risks, events and incidents
• Test the design and effectiveness of IT controls and report on residual risk levels
• Recommend controls for the identified risks, agree action plans and closely monitor them until completion
• Active involvement in projects providing input/advice on information risk and security aspects at different stages of the project life-cycle: business requests, contracting phase, assessment of external potential external partners, solution and controls design, assessment of final deliverables
• Develop and/or review documentation such as: policies, procedures, standards, external connections, operational security guidelines, test results, etc.
• Responsible with developing and implementing Information Security culture, education and awareness programs
• Support IT department in keeping an accurate and up to date Disaster Recovery Plan in line with criticality of business systems resulted from Business Impact Assessments and Recovery Time / Point Objectives confirmed with Business Owners in order to ensure adequate design and effectiveness of the Continuity controls implemented
• Maintain, review and test business continuity plans to ensure that the company is prepared to optimally react in case of crisis.