purpose of the job
The IT Security and Data Privacy Compliance Manager is a critical member of the information technology team. The IT Security and Data Privacy Compliance Manager will work closely with key cross-functional stakeholders across Digital Innovation, Enterprise Risk Management, and relevant business groups to support the risk identification and management process across all aspects of Information Security. The IT Security and Data Privacy Compliance Manager will perform RSRs third party vendor risk assessments across software and hardware platforms both on premise and cloud hosted. The role will also work closely on meeting our clients' IT Security and Data Privacy requirements.
Documentation and presentation skills, analytical and critical thinking skills, and the ability to identify needs and take initiative are key requirements of this position.
As the IT Security and Data Privacy Compliance Manager, you are responsible for:
The job is composed of a variety of activities, including very tactical, operational activities in support of the CISO's program initiatives, such as:
- Vendor Risk Assessment
- Security liaison
- Architecture/engineering support
- Operational / Implementation support
- Perform third party vendor risk assessments
- Work closely with our professional services teams to answer security related questions during new client implementation
- Coordinate all aspects of the issue tracking and remediation process as a result of the vendor risk assessments
- Clearly document and define risks and potential impacts including mitigation proposals and recommendations, providing challenge where needed
- Monitoring risk exposures and performance or key metrics, using and reviewing the risk type methodologies and supporting development of these where appropriate
- Consult with Digital Innovation to ensure that security and privacy are factored into the evaluation, selection, installation and configuration of our technology partners.
- Assist in the development of proprietary Randstad tools to streamline Information Security and Data Privacy Compliance and continuous improvement activities
- Provide support and cover for certain time-critical elements of Information Security team responsibilities, such as security investigations, security incident responses, client escalations etc.
- Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
requirements and qualifications
- A completed tertiary qualification in a relevant discipline (e.g. Law, Business, Computer Science or Engineering).
- 5+ years of experience in Information Security, and/or Third Party Management required, additional expertise in Data Protection highly preferred.
- A strong understanding of the business impact of security tools, technologies, policies as well as Data Protection.
- Proficiency in performing Third Party risk, business impact, control and vulnerability assessments.
- Strong analytical skills to analyse security requirements and relate them to appropriate security controls.
- Experience in system technology security testing (vulnerability scanning and penetration testing).
- Experience working with legal, audit and compliance staff.
- Experience developing and maintaining policies, procedures, standards and guidelines.
- Experience in a hands-on role of process review, design and implementation
- Experience with common information security management frameworks, such as the International Standards Organisation (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) framework.
- Current certifications in CISSP, CISM, CISA, CRISC or CGEIT are highly preferred.
- Familiarity with data protection principles and GDPR.
- Specific training/qualification - data protection practitioner; ISEC Certificate in data protection is an advantage
- Background in organisations with large data processing being undertaken
- The ability to interact with Randstad personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives.
- Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organisation, project and application development teams, management and business personnel; in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls; an excellent understanding of information security concepts, protocols and industry best practices.
Additional skills needed
Technical Skills required:
- High level of skill in data analysis, reporting
- Privacy Seal / ISO27001 / SOC2 type II / Cyber Essentials
- Working knowledge and understanding of privacy laws and guidelines with respect to Data Protection
- Good practice associated with working in a complex technology environment
Personal Skills Required:
- Ability to interface to a distributed team
- Ability to work / problem solve on own
- Analytical skills including attention to detail
- Problem-solving skills
- Confident and professional manner
- Calm and Robust personality
- Good interpersonal and verbal communication skills
- Have tenacity and focus to achieve objectives
At Randstad, we love to celebrate our hardworking diverse teams demonstrated through our ongoing commitment and diversity awards. Ranked as a 2021 DiversityInc Top 50 company, a 2021 Top 10 Global Champion for Supplier Diversity & Inclusion, a Military Friendly company for Veterans, Military Spouses & Suppliers, 2021 Staffing Industry Analyst Top 50 Diversity, Equity & Inclusion Influencer to name a few. We are proud of our collaborative culture which is at the heart of Randstad. When you join Randstad you will receive opportunities for competitive & robust benefits, flexible schedules, and the assurance that everyone can be their authentic selves. We are seeking candidates from all backgrounds and demographics and a variety of industries to join a winning team!
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please just let us know....