Position Summary :
The position oversees and is responsible for the implementation and maintenance of the local Information Security Management System and the improved security posture of the local reporting unit.
In addition, the position is responsible for the Local-ISO program of work for the assigned area. Implements standards and audit procedures to identify and resolve security violations.
Conducts disaster recovery and cyberattack preparation and training.
Overall Responsibilities :
Plans, directs and controls activities of information security organization within North America Operations (Canada, Mexico and US)
Performs periodic management ISMS review with the sub-regional leadership describing progress / achievements, current topics and current or potential risks.
Audits and Assessments :
Implement the regional monitoring and auditing program to ensure compliance with Majorel ISMS security regulations, contractual, security and industry-specific standards (PCI DSS, ISO 27001, SSAE) and regulatory requirements.
Support corporate, client and other 3rd party security-relevant audits and assessments.
Ensure that audit findings are adequately and effectively remediated in a timely manner.
Risk Management :
Implement the risk management program, maintain the risk inventory and proactively assess potential security risks brought about by technology, physical, environmental and organizational changes.
Incident Management :
Implement incident management awareness program.
Performs deep dive analysis of the security incidents reported within the sub-region.
Engage proactively in site buildouts, business transitions, local projects and / or initiatives in order to minimize compliance risks and promote adherence to company policies, contractual and regulatory requirements.
Represent Information Security in discussions with different stakeholders and extend assistance to educate relevant users on how to comply with the different information security policies of the company.
Prepare proposals in cooperation with the Regional ISO to improve the security posture of the sub-region and bring them to the attention of management during the regular reporting cycle or whenever necessary.
Proactively research internal and external security threats brought about by changes in government regulations, technology, organizational set-up, etc.
Liaise with other Majorel functions, including Governance, Compliance & Control, Data Privacy Office, BCM, Account Management, Global Security Operations Center, Global-ITTAM, Project Management Office to ensure the risk management process is efficient and effective.
Support the regional Business Continuity Manager in implementing Business Continuity processes within the sub-region.
Fulfill other tasks related to the position as required.
Job Skills :
Strong Leadership and people skills
Proven knowledge and experience in project management and data analysis
Strong analytical, problem solving and decision making skills
Excellent communication and presentation skills
Job Experience and Education :
Bachelor’s degree in Information Technology, Computer Science, Administration Management or equivalent desired.
Holds industry certification (CISM, CRISC, CISSP, CISA, ISO / IEC 27001 Information Security Officer or ISO / IEC 27001 Lead Implementer / Auditor)
Minimum 3 years’ experience in IT related field, 5 years of full-time professional experience in Information Security, Data Protection, Security Audit and Risk Management with a record of success indicated by career advancement preferably in the BPO industry.
Minimum of 2 years supervisory / management-level experience preferably in information security.
Strong familiarity with relevant information security frameworks (ISO 27001, PCI DSS, COBIT, CIS, etc.)