Information Security Officer
London, England, United Kingdom
CrederaCredera is a consulting firm focused on strategy, transformation, data, and technology.
OPMG: Regional Information Security Officer
Please note, this role is for Omnicom Precision Marketing Group, advertised via Credera, a subsidiary of Omnicom.
The Regional Information Security Officer (RISO) will be an embedded Practice Area/Network security & risk professional, charged with assisting their local team and aligned with the Corporate Security function to assist in the maturation the security posture for his/her Practice Area/Network’s business and services. Reporting to the Practice Area/Network Business Information Security Officer (BISO), this role will be focused on the governance, implementation and compliance of the Corporate Information Security policies, standards, procedures and guidelines to prevent the unauthorized use, release, modification or destruction of data/systems, specific to their Practice Area/Network. The RISO will also be expected to assist with internal security consultancy to support strategy and identify information Security related risks and proactively work with all support departments including Human Resource, Facilities, Finance, Information Technology and Corporate Security to ensure that Information risks are identified, assessed, and mitigated in all situations where possible.
- Build and maintain global relationships with Practice Area/Network business units and stakeholders to support local security activities with focus on continuous improvement and program maturation.
- Work with BISO and Corporate Security to deliver administrative and technical controls, in line with organizational policies, standards, contracts, and/or regulatory obligations.
- Support strategic and tactical alignment of corporate technology to overall security to business objectives for all divisions within region.
- Assist in responding to client requirements such as RFP/RFI, audits, security questionnaires, contract negotiation and client meetings as relates to security where appropriate.
- Collaborate with the Practice Area/Network IT departments to identify and address internal/external security risks management and governance issues, developing treatment plans to address risk or reduce the risk to an acceptable level while aligning with the Corporate Risk Management Framework and practices.
- Participate in implementation and management of Practice Area/Network and Corporate platforms, e.g. endpoint protection, encryption, SIEM, CASB, perimeter controls
- Assist with regular testing and applicable remediation efforts of critical infrastructure, high-risk applications, and processes.
- Work with Corporate Security to supplement the global Information Security Awareness training curriculum, with Practice Area/Network specific content, facilitating cyber security awareness activities and security awareness concepts locally to be suitable for the business.
- Participate in the coordination and documentation of Business Continuity Plans and appropriate exercising across their assigned Practice Area/Network.
- Assist with Practice Area/Network and CSIRT responses to security incidents, providing timely reports during the incident and remediation, as well as proposing solutions to anticipate, prevent, or mitigate future incidents
- Provides additional leadership in support of the CIO’s strategic initiatives through dotted line reporting to the Regional CIOs.
- Partner with Practice Area/Network technical operations staff for reporting on information program posture and compliance within all markets within the region
- Minimum 4 years of experience in IT, Information Security, IT Audit or related area
- Familiarity with Information Security industry standards/best practices and relevant regulations (e.g., ISO27001, PCI DSS, HIPAA, GLBA, FISMA, SOX, NIST, CobiT)
- Industry recognized certifications (CISA, CISSP, CISM) preferred.
- Bachelor’s degree in Information Security, Computer Science, Information Management Systems, Business/Accounting or related field or related experience preferred.
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
- Ability to cultivate relationships and act as a consultancy to varied stakeholders including cross-functional / peer relationships with diverse, global teams
- Proven track record of managing security in operations programs, strategic services, and projects to minimize risk exposure to the business.
- Possess a technical skill relevant to Information Security
- Strong problem solving and analytical skills
- Demonstrate the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
- Experience in project management and corporate security environment for a global company in such areas as policy creation, training / awareness, physical security controls, etc.
- Good understanding of security, administration, design, and implementation of operating systems and network security controls for both physical hardware and cloud-based SAAS / hosted solutions
- Strong interest in and of understanding of infrastructure security concepts, cloud-based architecture, security controls and technologies, industry best practices, access controls, forensics and metrics
- Awareness of global data protection / privacy laws and regulations and risk management methodologies
- Willingness to undertake information security certifications
Omnicom Precision Marketing Group aligns Omnicom's global digital, data and CRM capabilities to deliver precisely targeted and meaningful customer experiences at scale. Using its universal framework of connected data, connected intelligence and connected experiences, OPMG provides services that include data-driven product / service design, technology strategy and implementation, CRM / loyalty strategy and activation, econometric and attribution modeling and digital experience design and development. At the core of delivering these services is Omni, an advanced technology platform that combines a powerful cultural insights engine with massively scaled data insights from first-, second- and third-party sources, including several proprietary Omnicom data partnerships.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits CISA CISM CISSP Cloud CoBIT Compliance Computer Science CSIRT Encryption Finance FISMA Forensics Governance HIPAA ISO 27001 Network security NIST PCI DSS Privacy Risk management SaaS SIEM Strategy
Perks/benefits: Competitive pay
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open SOC-related jobs
- Open GCP-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open CISM-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open IAM-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open Vulnerability management-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open DoD-related jobs
- Open SQL-related jobs
- Open IDS-related jobs