The Information Security and Business Continuity Officer is primarily responsible for coordinating Information Security initiatives within the subsidiary and ensuring that the subsidiary is compliant with Information Security and Continuity requirements as stipulated in governing security and continuity policy documents.
The Information Security and Business Continuity Officer’s responsibilities include managing information security risks and compliance relating to information security, physical security, business continuity planning, crisis management, privacy and compliance. The role also directs the adoption and implementation of the Company’s corporate policies and procedures within the subsidiary.
• Serving as the formal single point of contact on Information security and continuity for the subsidiary
• Ensuring the ongoing integration of information security with subsidiary business strategies and requirements
• Facilitating implementation of Security and Continuity Policies, standards and procedures within the subsidiary and ensuring delivery of locally assigned information security tasks and activities
• Coordinating and supporting Security and Continuity Risk and Compliance Activities within the subsidiary
• Monitoring Data Leak Prevention incidents and reporting
• Coordinating with key stakeholders on identifying and fixing vulnerabilities
• Facilitating Business Impact Analysis (BIA)
• Performing Periodic monitoring of Security events
• Performing Security and Continuity due diligence in Projects and Changes
• Coordinating the delivery of awareness and training program on Information Security and Continuity in the subsidiary
• Coordinating business and IT continuity planning and DR efforts across subsidiary business units and infrastructure
• Coordinating Information Security incident response and reporting in the subsidiary
• Other duties as assigned
• 2 plus years of demonstrated experience in an information security, risk management or compliance role, preferably within an international environment.
• Experience with microfinance or banking organizations preferred.
• Working knowledge of national and international security regulatory compliance requirements and frameworks such as ISO 27001, NIST, COBIT and PCI DSS.
• Industry Certifications (e.g. CISSP, CISM, SANS GIAC, CBCI) holders preferred
• Security vendor certifications (e.g. Cisco, TrendMicro, Splunk, Qualys) are a plus
EDUCATION & EXPERIENCE
• Bachelor’s degree in computer science, cyber security, management information systems, business administration, or related discipline preferred. Master’s degree desirable.
• Fluency in the Azerbaijani language required.
• Fluency in English preferred.
• MS Office (Word, Excel, Outlook, PowerPoint)