Job DescriptionDigital Security Technical Lead – 28 x 28 Rotation – Contract - Iraq
ESSENTIAL:- Candidates should have a good track record in applying information security and ITC operational risk knowledge and processes to real-world business problems in a complex, multi-cultural organisation. This could be based either on a strong background in security methods or IT operational risk or on an intimate working knowledge of a relevant part of the oil and gas business.
Within the ITC team and the business:
- Develop and maintain relationships and build trust across stakeholders in ITC and the business, supporting the leadership team in meeting the security requirements of the JV.
- Define, and gain approval to, the digital security strategy for site and create the development and communications roadmap to deliver this.
- Develop and implement security guidelines and standard operating processes.
- Ensure that the requirements for the ITC and security risk assurance framework are met for projects, assets and suppliers.
- Manage the digital security relationship with third-party suppliers and ensure that the site is protected against supplier digital security breaches.
- Take the lead in incident management and resolution and ensure that lessons learned during incident reviews are properly implemented.
- Ensure full and relevant ongoing liaison with digital security peers within the company.
- Participate in business risk governance and coordinate risk remediation and reporting.
- Implement appropriate and regular reporting on digital security behavioural performance across the site.
- Own the cyber barometer for my client’s staff on secondment and identify improvement opportunities based on barometer scores.
- Provide guidance and focus for the cyber ambassadors
- Drive the right security behaviours and awareness across all Staff, through training, learning events and local campaigns.
- Manage findings from assurance activities and ensure that planned remediation’s are successfully put in place.
- Provide digital security and risk advice and guidance as required.
Candidates should have a good track record in applying information security and ITC operational risk knowledge and processes to real-world business problems in a complex, multi-cultural organisation. This could be based either on a strong background in security methods or IT operational risk or on an intimate working knowledge of a relevant part of the oil and gas business.
Business Risk Management. Able to apply risk management practices to ensure that information security and ITC operational risks are identified and properly managed.
Being influential. Gravitas and confidence to lead and drive change. Excellent communications skills including the ability to explain technical issues in business language.
Working with Autonomy. Ability to identify priorities, manage ambiguity and deal with a broad set of activities across a diverse stakeholder group.
An external accreditation recognised by the Information Security Profession (e.g. CISM, CISSP, M.Inst.ISP, CRISC) is highly desirable; in any event achievement of such an accreditation within 12 months of taking up the role would be expected.
Skills and Behaviours
- Excellent verbal and written communication skills
- Strong analytical skills
- Strong interpersonal skills and able to work with staff at all levels in an organisation
- Proactive thinking – the ability to come up with options and solutions
- Good attention to detail
- Delivery focused
- Willing to challenge and be challenged
- Motivating, positive, energetic, helpful
- Leads by example
- Demonstrates strong customer empathy