Bachelor's degree in information security, computer science, engineering, mathematics, business, or related field of study plus a minimum of 10years of relevant experience workingas atechnicalinformationsecurityrisk manager orinformationsecurity architect;
Advanced degree in Information Security, computer science, engineering, mathematics, business, or related field of study plus a minimum of4years of relevant experience working as atechnicalinformationsecurityrisk manager orinformationsecurityarchitect.
Certifications: (Minimum plus at least 2 preferred)
CISSP or CISM (minimumrequired)
Microsoft Certified: Cybersecurity Architect Expert (preferred)
Other Microsoft cloud security related certifications at the Expert level (preferred)
GIAC certifications (preferred)
Offensive security related certifications (preferred)
Priorworkin a technical cybersecurity risk management function at organizations with security related regulatory requirements.
Practical use of risk management concepts and principles - including assessment, prioritization, delivery of treatment plans, tracking and reporting, and metrics (accreditation and certification). Experience with NIST-SP800-30, ISO 27001/2, ISO 27005, COBIT.
Embedding security into processes such as SDLC, Project Lifecycle, ITIL, etc.
Demonstrated cybersecurityexpertisewith infrastructure, applications, and database system technologies.
Basic IT consultancy skills. Ability to consult and deliver on the security hardening of application and infrastructure components, including tools, and techniques to ensure the security of application, database, and infrastructure components.
Pragmatic security expert with an inherent ability to balance security demands with business reality. Ability to quickly grasp hownew technologieswork and how security controls should be applied to achieve business goals.
Familiarity with a broad range of security technologies supplemented by in-depth knowledge in specific areas of relevance.
Ability to quickly grasp hownew technologieswork and how they might be applied to achieve business goals.
Knowledge of security solutions, latest threats, and countermeasures.
Analytical skills that enable synthesis of inputs from many sources and allow for strategic thinking and tactical implementation.
Spoken and written communications that are compelling, convincing, and reassuring, and skills to articulate complex technical ideas to non-technical stakeholders.
Ability to think laterally and to have input to / propose detailed, complex solutions to technical issues.
Interpersonal skills that create openness and trust among colleagues.
Ability to work well under pressure and to meet tight deadlines. Demonstratesa high levelof motivation, confidence, integrity, and responsibility.
Ability to be organized,responsiveand to be able to effectively multi-task with a focus on driving results.
Demonstrate excellent interpersonal and relationship management skills. This includes the ability to work independently, effectively in a team/task force as a team member or leader, and with senior staff and managers.
Ability to work well under pressure and to meet tight deadlines, whilstdemonstratinga high levelof motivation, confidence, integrity, and responsibility.
Excellent relationship management skills. Facilitation and conflict management skills that enable effective working relationships.