The IT Security Officer plays an important part in the new organization and requires someone who is able to lead and bring people together while driving successful change across various disciplines. The IT Security Officer is part of the IT Office department and team. (S)He reports to the ICT Director.
Our client is the world's largest independent bottler for retailers and A-brands in Europe and North-America. Their production platform covers 59 manufacturing sites in Europe, US, Canada and Mexico providing customers with close proximity and reliable service across geographies.
They continuously strive to meet and exceed their customers changing needs and requirements. Information Technology and digitalization are increasingly important to realize synergies in the organization and drive a high quality customer experience across our client. That is why they are implementing an IT strategy that aims to standardize and strengthen the core IT to drive synergies across the business and strengthen the IT community.
This requires an update with respect to how they organize ourselves with several new roles that help drive this change.
Our client has organized the IT function under the ICT director who reports to the European finance director. The ICT director will manage a core IT function consisting of five focus teams, and work closely with the heads of IT in the business units. Roles within the core IT team will be primarily filled in from Rotterdam but can also be placed in local business unit locations.
The IT Security Officer is responsible for managing IT security and preventing damage to the organization as a result of IT security threats and breaches. (S)He monitors the security status and sets standards to keep the IT landscape safe. The IT Security Officer closely collaborates with the business unit Security Officers to stay up-to-date about local and overall IT security at our client.
(S)He is aware of the highly international environment of the client and finds continuous alignment with local heads of IT as well as local regulations. The IT security policy as such should be generic for Europe, but the level of support offered is locally specified. These security standards to be applied across business units (s)he sets together with the Head of Architecture; Head of Applications and Head of Infrastructure.
- Identifies applicable rules and regulations with respect to IT security and organizes decision making about the roadmap to establish the IT security plan
- Sets security standards and controls for execution as well as implementation with regard to the compliance requirements
- Periodically reports the security status to the ICT Director
- Monitors the activities in projects and operations with respect to the IT security standards and control frameworks
- Develops and implements IT security management processes and monitors the compliancy throughout the organization with the IT security plan
- Facilitates management to embed IT security management related requirements in SLAs with vendors and with business groups
- Partners with internal and external auditors as well as operational risk and compliance personnel to conduct regular audits to verify the achievement of required IT security levels and provides the required reporting
- Reports to managers about the IT security compliance and about improvement initiatives
- Conducts regular presentations to all staff to encourage the awareness with respect to IT security management
- Conducts risk assessment tests and evaluations on systems and architecture solutions to ensure operation in accordance with IT security requirements and identification of vulnerabilities
- Develop risk mitigation plans and implement required actions
- Define and implement an IT risk management framework
- University degree in Business IT Management or Computer Science
- At least 5 years of experience in IT security, policies and implementation of good practices in a multinational environment
- Knowledge of and experience with developing security management plans, policies and processes to protect company data and IT systems
- Knowledge of and experience with translating the established information security policies into actionable guidelines and implementations
- Knowledge of and experience with the design of processes that implement information security guidelines and procedures in IT systems and with monitoring the compliance to these processes
- Expert knowledge of the security & risk management discipline
- Strong written, oral and presentation skills
- Fluent in English, written and verbal
An open environment in which the candidate can develop himself and a matching salary for the experience that the candidate brings.