The Information
Security Officer is responsible for
determining appropriate security
measures and creating policies and
procedures that monitor and control
access to system resources and data. The
Information Security Officer will update
security standards as necessary and is
responsible for the prevention,
detection, containment and correction of
security breaches.
Qualification
n
BA or
BS in Computer Science,
Information Management, or
related field.
n
4
years of working experience
which must be directly
related to computer,
information, and/or network
security assessment,
administration, and
management.
n
MCSE
or CCNA certification
n
Preferably Certified
Information Systems Security
Professional (CISSP®) or
Certified Information
Systems Auditor (CISA®)
Criteria for
appraisal
n
Sound
application and
implementation on security
measures
n
Well
versed in applying proper
risk assessments and risk
analysis tools
n
Remain
current on information
security measures
Specific
duties
n
Oversees the establishment,
implementation and adherence
to policies and procedures
that guide and support the
provision of information
security services
n
Conducts risk assessments
and risk analysis to help
the organization develop
security standards and
procedures that support
strategic, tactical and
operational objectives on a
cost-effective basis
n
Makes
recommendations on
appropriate personnel,
physical and technical
security controls
n
Manages the Information
Security Incident Reporting
program to ensure the
prevention, detection,
containment and correction
of security breaches
n
Participates in resolving
problems with security
violations
n
Responsible for the content
(and in some cases the
delivery) of information
security seminars and
training classes
n
Coordinates the
communication of information
security awareness to all
members of the organization
Certifies that IT systems
meet predetermined security
requirements
n
Strives to maintain high
system availability
n
Works
with vendors, IT associates,
and user departments to
enhance information security
Perform other
duties as assigned by the person to whom
this individual reports to from time to
time.
Career opportunities in Datamed