IT Information Security Officer ( ISO )
Information System Security Officer (ISO) establishes and enforces security policies to protect an organization’s computer infrastructure, networks and data. He plays a vital role in protecting an organization, because an information security breach can result in disruption to the business, loss of confidential or commercially sensitive data, and financial loss. Security breaches take a number of forms, including attacks by cyber-criminals, virus attacks and attempts by unauthorized parties, inside and outside the company, to obtain passwords or personal data.
A large part of ISO’s work is planning. ISO assesses the organization’s infrastructure and data to identify vulnerabilities caused by weaknesses or flaws in software and hardware that could expose the infrastructure to a security breach.
He also evaluates the effectiveness of existing security measures, such as firewalls, password policies and intrusion-detection systems. He makes recommendations to improve security based on his assessments and knowledge of current and emerging threats.
Balancing essential access to data and systems with high levels of security is a major challenge for the IS officer. He develops policies that give managers and employees varying levels of access to corporate applications, systems and data, and they monitor access to ensure compliance.
ISO selects security products, such as firewalls, anti-virus software and software to protect the network. He installs software to monitor security across all corporate networks, computers and storage devices, so that he can quickly identify attacks and respond to any alerts. ISO also carry out tests, such as simulated attacks, on his own security systems to ensure that there are no weaknesses.
Information Security Officer Responsibilities:
- Identifying vulnerabilities in the organization networks
- Developing and implementing a comprehensive plan to secure the organization networks
- Monitoring network usage to ensure compliance with security policies
- Keeping up to date with developments in IT security standards and threats
- Performing penetration tests to find any flaws
- Ensure information confidentiality, integrity and availability
- Collaborating with management and the IT department to improve security
- Documenting any security breaches and assessing their damage
- Educating colleagues about security software and best practices for information security
- Creating information security strategies, both short-term and long-range, in support of the organization’s goals
- Developing information security awareness training and education programs, works with other organization entities to present them to the other departments as appropriate
- Evaluating security incidents and determines what response, if any, is needed and coordinating responses, including technical incident response, when sensitive information is breached
- Work closely with relevant teams internally to ensure alignment and coordination across operations as part of the seamless implementation of requested tasks
- Provide regular and effective progress updates to and work closely with the Finance Director and the MIS Department Manager to ensure the management of any delivery risks or issues
- Generate reports identifying flaws with the network operations
- Identify KPIs to evaluate the infrastructure operations
Information Security Officer Qualifications and Skills:
- Bachelor or higher degree in Computer Communication Engineering (CCE), Computer Science or other related field
- 5+ years of overall IT experience with significant involvement in software development
- Ability to handle pressure/Work under fast moving environment
- Ability to work as part of a team
- Ability to conduct demos and presentation
- Excellent written and verbal communication in English and Arabic, French is a plus
- Dynamic with initiative to perform the above