Back to All Vacancies

Primary Purpose

With a primary focus on overall compliance within BMIT Technologies, the Information Security Specialist will be responsible for the implementation and maintenance of controls, processes and audits related to BMIT Technologies’:

• Information Security Management System (ISMS);
• PCI DSS Compliance;
• GDPR;
• Project/programme management framework.

Overall, this would include:

• Overall management of BMIT Technologies’ compliance programmes including ISMS and PCI DSS;
• The implementation and maintenance of policies and procedures;
• Leading security awareness campaigns across the organisation;
• Supporting the internal teams with regulatory security requirements focusing ISO27001:2013 and PCI DSS;
• Project and Programme management of company’s strategic initiatives and/or projects;
• Coordination of GDPR requirements and liaison with the company’s DPO with respect to GDPR related matters

 Specific Responsibilities

• Develop and maintain the company’s Information Security related policies, procedures and work instructions;
• Ensuring the continual improvement of BMIT Technologies’ ISMS, PCI DSS and GDPR programmes;
• Assisting with the design of information security processes, policies, and procedures;
• Performing periodic audits of key security controls, processes and audits to ensure operating effectiveness;
• Contribute to the development of appropriate security KPIs, objectives and strategies aimed at improving BMIT Technologies’ security posture and security maturity;
• Maintain and improve the security education, training and awareness framework;
• Performing information security risk assessments;
• Maintain BMIT’s Security Risk Register and liaising with other relevant parties within the organization;
• Contributing to the ISMS Committee;
• Providing advice on ISO27001, PCI DSS and other relevant compliance standards;
• Participate and provide assistance during regulatory audits;
• Assist teams in supplier onboarding risk assessment process;
• Establishing an overall Programme Management framework and track progress on corporate strategic initiatives/projects;
• Project Manage assigned projects, developing project scopes and objectives, involving all relevant stakeholders, and ensuring technical feasibility;
• Developing detailed project plans and create comprehensive project documentation to track progress;
• Ensure projects are delivered on-time, within scope and budget;
• Measure project performance using appropriate systems, tools and techniques;
• Report and escalate issues to management as needed;
• Establish and maintain relationships with internal departments as well as third parties/vendors

Qualifications

• Minimum of two years working experience in an Information Security role, or similar;
• Bachelor’s degree in Information Systems, Computer Science or a relevant area;
• Good understanding of ISO27001 requirements;
• Certifications in information security, IT or auditing (ISO 27001 Implementer/auditor, etc.);
• Project Management certification such as Prince2 or Agile;
• Clear understanding of ITIL/ITSM;
• Knowledge of GDPR Law

Other Skills

• Be a self-starter;
• Excellent written and oral communication skills in English;
• Strong work ethic, methodical and good attention to detail;
• Ability to deliver quality work when under pressure;
• Ability to multitask and prioritize tasks as required;
• Strong willingness to learn;