The Head of IT Security is responsible for developing and implementing a comprehensive IT security strategy to protect the company’s information assets, infrastructure, and systems. This role involves managing a team of IT security professionals, ensuring compliance with industry standards and regulations, and mitigating security risks.

Key Roles & Responsibilities: What are the core elements of the job duties, the primary day-to-day responsibilities & activities

- Develop and Implement Security Policies:
  - Create and enforce IT security policies, procedures, and protocols.
  - Ensure compliance with industry standards, regulations, and best practices.
  - Experience developing and implementing internal company security controls and road maps.
- Risk Management:
  - Conduct regular risk assessments and vulnerability analyses.
  - Develop and implement strategies to mitigate identified risks.
- Security Operations:
  - Oversee the day-to-day operations of the IT security team.
  - Monitor security systems, networks, and applications for potential threats.
  - Respond to and manage security incidents and breaches.
- Collaboration:
  - Work closely with other departments, such as Finance, HR, and Legal, to ensure integrated security measures.
  - Coordinate with external partners, including vendors and law enforcement agencies, as needed.
- Compliance and Audits:
  - Ensure the company complies with relevant laws and regulations (e.g., GDPR, CCPA).
  - Manage and prepare for internal and external security audits.
- Incident Response:
  - Develop and maintain an incident response plan.
  - Lead the response to security incidents, including investigation and remediation.
- Security Awareness:
  - Develop and implement security awareness training programs for employees.
  - Promote a culture of security within the organization.
- Reporting:
  - Regularly report on the status of IT security to senior management.
  - Provide recommendations for improvements and updates to security measures.

Functional Knowledge: Describe breadth and depth of knowledge of functional work and activities required

- Strong knowledge of security frameworks and standards (e.g., ISO 27001, NIST).
- In-depth understanding of network security, application security, and data protection.
- Proficiency in security technologies such as firewalls, intrusion detection/prevention systems, and encryption.
- Deep understanding of cloud security, endpoint security, and identity and access management (IAM).

Business Expertise: Describe knowledge and expertise required about the business and industry in which the business functions

- Experience in the food manufacturing industry is a plus.
- Project Management: Proven experience in managing large-scale security projects and initiatives.
- Crisis Management: Strong background in crisis management and business continuity planning.
- Vendor Management: Experience in managing relationships with security vendors and service providers.
- Communication Skills: Exceptional written and verbal communication skills, with the ability to present complex security concepts to non-technical stakeholders.
- Strategic Thinking: Ability to develop and execute long-term security strategies aligned with business goals.
- Innovation: Track record of implementing innovative security solutions and staying ahead of emerging threats.

Leadership: Describe the nature of leadership required and guidance provided to others

- Ability to manage multiple projects and priorities in a fast-paced environment.
- Recruit, train, and manage a team of IT security professionals.
- Provide guidance and support to ensure the team’s effectiveness.

Problem Solving: Describe the level of analytical thinking required to perform the job

- Strong analytical and critical thinking abilities.

Impact: Describe the level of responsibility and resulting impact on the business

Key role to protect the overall Griffith business from cybersecurity threats and attacks. Without a strong security position, the organization can be exposed to cyber-attacks and negative financial impacts.

Interpersonal Skills: Describe the level and type of “people skills” that are normally required to do the job

- Excellent leadership, communication, and problem-solving skills.
- Building partnerships within the global IT teams and ensuring Griffith-defined security standards are being followed.
- Holding IT teams accountable for compliance.