Information and Network Systems Security Consultant

The successful candidate will contribute to the continuous maintenance and improvement of the effectiveness of enterprise security strategies, architecture policies and company information management system documentation including information security policies, standards, guidelines, procedures and baseline.   S/he will act as a focal point for departmental personnel who maintain day-to-day responsibilities for information security management.

In addition, s/he will participate in evaluation and assessment of existing businesses, systems, products, services as well as new business proposals and projects to identify security risks and recommend controls to address the identified risks.  S/he will be responsible for advising internal business units and management on appropriate technical security measures, providing information and guidance on information security issues and developing an enterprise-wide security awareness program, including training and providing information security presentations to internal personnel.

-       Relevant university degree and/or appropriate professional qualifications an advantage.

-       Minimum of five years’ extensive experience in information security preferably gained in multinational corporations. Prior experience in the development and presentation of security awareness programmes, multi-media training and in web site development will be a plus.

-       Strong knowledge and understanding of Information Security management standards, including ISO 27001 and ISO 27002. Proven ability to operate at a corporate information security level and to apply formal risk analysis methodologies across a wide variety of business applications and technologies.