Information Security Officer (ISO)
Category: IT & Computer Science jobs
City: Limassol, Nicosia
Grant Thornton (Cyprus) Limited
Accounting, Business, Consulting
Grant Thornton Cyprus is a member firm of Grant Thornton International Limited (GTIL), one of the leading organizations delivering audit, tax, and advisory services. With more than 58,000 Grant Thornton people, across over 138 countries, we are focused on making a difference to clients, colleagues, and the communities in which we live and work.
If you want to be part of this incredible journey, we have an opportunity for you. We are looking for a passionate, self-motivated, and high calibre professional who really cares about making a difference and creating value for themselves and others to join our Information Security team.
Job Summary: The Information Security Officer (ISO) will be responsible for developing, implementing, and managing a comprehensive information security program. This role involves designing security policies, procedures, and technical solutions to mitigate risk, ensuring compliance with regulatory requirements, and responding to security incidents.
The ideal candidate should have a strong background in information security management, risk assessment, and incident response, and will serve as the primary point of contact for all security-related issues within the organization.
The responsibilities will include, but not be limited to:
- Develop & Maintain Security Framework: Establish and continuously improve the organization’s information security management framework.
- Security Policy Development: Lead the design, review, and enhancement of security policies, standards, guidelines, and best practices.
- Risk Assessment & Audits: Conduct regular risk assessments and security audits to identify potential vulnerabilities, providing actionable recommendations for mitigation.
- Incident Response & Recovery: Develop and implement an incident response plan to swiftly address and mitigate security breaches. Lead post-incident analysis to prevent recurrence.
- Security Awareness: Create and manage security awareness and training programs to educate employees on security risks and best practices.
- Cross-Department Collaboration: Collaborate closely with IT, legal, compliance, and other departments to ensure security measures are integrated into business processes and technologies.
- Third-Party Security Management: Evaluate the security posture of third-party vendors and partners, ensuring they align with organizational security standards. Manage security aspects of contracts and agreements.
- Data Privacy Compliance: Ensure compliance with data privacy regulations (e.g., GDPR, HIPAA) by implementing appropriate data protection measures.
Qualifications, Skills and Attributes for Success
Qualifications:
- Education: Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
- Framework Knowledge: Proficiency in common information security management frameworks (e.g., ISO/IEC 27001, NIST, COBIT).
- Technical Expertise: Strong understanding of network security, access control, encryption, and data protection technologies.
- Tools & Technologies: Experience with security tools such as Security Information and Event Management (SIEM), Intrusion Detection/Prevention Systems (IDS/IPS), and vulnerability scanning solutions.
- Communication Skills: Excellent written and verbal communication skills, with the ability to communicate security and risk-related concepts to technical and nontechnical audiences.
- Policy Development: Experience in developing and implementing information security policies and procedures.
Preferred Skills:
- Experience: 3 years in information security, cybersecurity, or a related discipline will be considered a plus.
- Industry-Specific Experience: Previous experience in a similar security role.
- Certifications: Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or equivalent.
- Cloud Security: Knowledge of cloud security best practices and experience with cloud platforms such as AWS and Microsoft Azure.
- Threat Intelligence: Up-to-date knowledge of emerging security threats and trends, and a proactive approach to cybersecurity.
- Problem-Solving: Strong analytical, problem-solving, and critical thinking abilities.
Benefits - We Go Beyond for our people because we care!!
What will we offer to you?
- Friendly and dynamic working environment, in which you can develop your skills and competencies
- A workplace with a strong focus on values and work-life balance and the joint aim to provide the best possible solutions for our clients
- A Learning & Development path, which focuses on both technical & soft skills. You will also have access to coaching and mentoring
- Your professional and personal success is our commitment
Other benefits to support you in every way possible:
- Competitive remuneration and benefits package, including recognition schemes and 13th salary
- Overtime / Bonus scheme
- Medical insurance
- Provident fund
- Paid maternity and paternity leave
- Parental leave allowance
- "Be there for our family paid leave / carer’s leave" scheme
- "Giving back to the community paid time off" scheme
- "Flexible Working Arrangements" scheme
- "Dress For Your Diary" scheme
- Afternoon off on Fridays
- Four-day long weekends in August (all Fridays free)
- “We never miss a public holiday” scheme
- Sponsorship of yearly professional subscriptions
- Several opportunities for professional and personal growth through our Grant Thornton International network
What will you need to do next?
If you believe that Grant Thornton is the right place for you, you have the right attitude, skills, and aspiration for success, and you share our CLEARR values, we invite you to submit your application online and upload your latest CV.