Education Q&A

For those who have infos about Homeland Security Training which is not vendor affiliated?


Q. For those who have infos about Homeland Security Training which is not vendor affiliated?

A. This position is being introduced to complement and enhance the existing Security Office organization and is sponsored by senior management and by internal and external audit. It is consistent with the need for higher visibility of security and privacy issues for all organizations. The role includes global enterprise scope for a group of financial companies.

This position will report to the Vice-President, Quality Assurance and Risk Management and is accountable for providing the leadership, guidance, and direction for enterprise-wide governance of IT information security management. This accountability includes developing and improving security management strategies, processes, practices, and promoting awareness to enable business units and service providers to enforce security effectively. Superior influencing skills are essential.

This position will have two direct reporting areas:

Security Office
· Policies & Standards
· Security Awareness & Training
· Security Compliance
· Business & IT Security Advisory
· Security Reporting & Incident Response

Security Administration
· Identity Administration
· Security Access Management

Specific responsibilities will include:

1. Strategy, Planning and Marketing for Information Security

· Develop and maintain an Enterprise Information Security Strategy, encompassing a managed risk framework, security architecture, process framework, awareness and governance. He/she will need to ensure that there is alignment between security, IT, and business strategies.
· Define roles and responsibilities for the implementation of the Information Security Strategy. This will include roles & responsibilities of the business units, senior management, and users.
· Direct and implement security policy, standards, and guidelines, in partnership with legal, audit and business units to reflect business, security, regulatory and privacy needs.
· Define the minimum requirements for information security, commensurate with varying levels of risk.
· Provide leadership, guidance, influence and direction for enterprise-wide governance of information security management through effective communication, partnering, and relationships with senior management (business and IT).
· Resource, develop and grow the staff of the Security Office.

1. Risk Management

· Monitor the security/privacy market to keep abreast of best practices, trends, and regulatory requirements in information security management practices, technologies, vulnerabilities, and exploits, and take appropriate actions, including developing and implementing plans and communicating them appropriately.
· Direct risk-based approach for information security delivery including asset and data identification and classification, and risk assessment.
· Ensure that an effective risk assessment and exemption process is established and adhered to.
· Negotiate strategic and operational security improvements to sufficiently protect corporate information.
· Communicate and sustain awareness of security issues, including roles/responsibilities and the supporting security policies, standards, guidelines, and processes. Audiences include everyone from "the mail room to the boardroom" and external third party vendors and services.
· Research best practices, defining and implementing improvements to corporate security infrastructure to support the security program.
· Provide proactive consulting support to IT projects to ensure that security is designed into the technical architecture and managed effectively.
· Provide security risk assessments through the gating process.
· Work in partnership with the enterprise quality assurance and risk management area.
· Establish and monitor privacy procedures to address consumers' most important issues and to ensure proactive response to the tightening privacy regulatory requirements.
· Define and establish the metrics and reporting for monitoring the effectiveness/compliance of the Security Program at an enterprise level and at the business unit level.
· Maintain a close liaison with audit services to ensure that security risks identified as a result of audits or reviews are monitored and effectively resolved.

Mandatory Qualifications and Characteristics:

Minimum Experience
· At least fifteen years in increasingly senior information system positions.
· At least eight to ten years of experience demonstrating expertise in information security, risk management and asset classification.
· Experience in risk assessment incorporating financial, human and technological elements.

Education
· A university degree (BA/BS) or equivalent work experience.

Certification
· CISSP or CISA.

The successful candidate will have a demonstrated ability to show the value, relevance, and priority of information security issues. He/she will be able to sell the alignment among security, privacy, and business strategies and then sustain senior management commitment to that alignment. Outstanding communication skills are required in order to succeed.

More particularly the CISO will have:

· Superior influencing skills able to influence senior business leaders.
· Able to command presence and respect throughout the organizations.
· Able to drive security related projects and activities to successful completion, manage complex programs across multiple sites and geographies.
· Demonstrate excellent communication and problem solving skills.
· Diverse technical aptitude is essential together with a high degree and management skills sets.
· Professional mastery and knowledge related to information technology protection, risk assessment, security technology strategies, and objectives towards future/leading edge environments.
· Comprehensive understanding and experience in information technology strategies and operational objectives to resolve business security issues.
· An in-depth understanding of networking will be needed.

 

