Koura Global
JOB SUMMARY :
The Information Security Coordinator is the primary contact for the business to provide information on cyber security across global Koura locations across all its assets, in alignment with local business and technology leaders and with Orbia’s information security mission, strategy, direction, policies and standards.
The Information Security Coordinator will act as main focal point within the Business Group (BG), for Cyber Security and will be responsible for overseeing the BG information and data security, driving business wide focus on the prevention, detection, and remediation of cyber security threats, in close alignment with Orbia Global Cyber Security department.
This role is mainly responsible for tactical activities aligned with the Business Information Security Officer, and will be instrumentational for the successful implementation of Global Security Services, identification and mitigation of risks and compliance to applicable standards and regulations on Koura businesses.It is a hands-on role that will require subject matter expertise, and processes for the effective execution of Orbia cybersecurity strategy.
MAIN RESPONSIBILITIES :
- Participate in the co-creation of enterprise-wise vision, strategy, and roadmap for information security.
- Drive within the Business in alignment with the Koura, Alphagary and Vestolit (KAV) BISO an information security program which is intelligence-driven and risk based, in line with Koura information security strategy and Risk appetite.
- Works with the IT Leadership Teams within Koura and Orbia providing technical expertise on Cyber and Information security strategy.
- Drive cyber resilience and readiness across Koura.
- Identify critical assets and ensure tiered risk-based protection across the footprint.
- Provide input to Koura information security budget and ensures adequate budget allocation within the region to fulfil the security roadmap and priorities
- Support the setting up the Information Security organization and is responsible for managing and coaching Information Security Trainees.
- Coordinate and facilitate the crown jewel risk assessment processes for Koura.
- Manages the identification, reporting, communication and follow up of Information and Cyber risks.
- Maintains a monthly Cyber Security Dashboard with information about identified risks, incidents, vulnerabilities and status of Cyber Security initiatives.
- Contributes to the development of Koura information security policies, standards and guidelines in line with recognized international standards such as ISO27001 and NIST.
- Working on and contributing to all information security related tactical activities and responsibilities throughout Koura globally. Including but not limited to; coordinating, analyzing and supporting information security related incidents or potential data breaches, coordinating assessments, coordinating risk reviews and risk mitigation efforts, supporting information security campaigns, etc.
- Evangelize information security and drive security awareness and training. Contribute in setting up an information security key-user program.
- Stay abreast of relevant information security regulations and drive programs to ensure proactive compliance.
- Partner with peers.
- Ensure information security is embedded across the regions and ecosystem of partners.
- Ensure adoption of Orbia’s global security services and their fit for purpose within the Business group.
- Support remediation of vulnerabilities in line with Orbia vulnerability management program.
- Ensures systems are properly protected and monitored from its design, and aligned with Orbia Cyber Security Policies and architecture principles.
- 10% – 15% of travelling abroad a year is required including Mexico.
EDUCATION :
Minimum: Bachelor degree
Desirable: Master’s degree in Computer science, Engineering or Business preferred.
KNOWLEDGE REQUIRED :
- Familiarity with relevant regulations, such as SOX, GDPR / data privacy, PCI-DSS, etc.
- Relevant audit, risk or security certifications (e.g. CISSP, CISA, CISM, etc.)
- Knowledge of international security framework and standards, such as ISO27001, NIST, CIS20, and assurance reporting standarards such as SOC 2.
- Ability to build strong partnerships in a global matrixed environment.
- Excellent communication skills, written, verbal.
- Ability to learn, grow and take on expanded duties as business needs evolve
- Demonstrated project management experience
- Superb judgment and integrity, including excellent decision-making skills and a sense of urgency.
EXPERIENCE REQUIRED :
- Minimum 5 years of proven experience in Information Security;
- Understanding of current and emerging threats and countermeasures and the organizational challenges to addressing these threats;
- A good practical knowledge of security technologies and wider business solutions including Firewalls, IDS/IPS, Identity and access management, SIEM, remote working and cloud technologies;
- Experience in large business transformation, across business areas, countries and cultures;
- Talent management and development
LANGUAGES REQUIRED :
- English Level of proficiency: Fluent