As a Information Security Manager I am responsible for all security on operational and tactical level throughout the Knab organization in line with the Knab security policies, PCI-DSS and/or ISO27001/2 SOX and other frameworks.
I am working with a wide variety of people from different levels and departments within Knab and I am a security generalist and working together with the other security roles within the Information Security team to support management of Information Security within Knab and Aegon.
My specific tasks are:
- Acts as subject matter expert within Knab when it comes to all communications dealing with information security problems, issues and concerns.
- Responsible for implemeting the Information Security Management System (ISO27001)
- Responsible for maintaining the Information Security Policy set of Aegon, including document control, distribution and communication
- Managing and maintaining the Information security risk assessment program (incl. Business Impact Analyses, Information Risk Processes and Compliance)
- Supporting the creation and implementation of new Information Security policies, guidelines and proces adaption
- Establishes and maintains working relationships with business stakeholders involved with information security matters (Risk & Compliancy, Product Development, Control, Merchant Accounting e.g.).
- Support communication and implementation of security standards, policies and procedures as required for PCI-DSS, ISO27001 and ISAE 3402 compliance.
- If needed coordinates all multi-application or multi-system security improvement projects.
- Understands the fundamental business activities performed by Ingenico ePayments and based on this understanding suggest appropriate security solutions that protect these activities.
- Support the Head of Information Security in developing action plans, schedules, budgets, status reports and other top management communications.
- Experience in conducting interviews and delivering information security risk assessments of the current infrastructure, projects, new technologies, external service providers and IS changes
- Periodically initiating quality measurements studies (tests) to determine whether the security function at Knab operates in a manner consistent with standard industry practices