Job Role : SECURITY OFFICER
Railwaybackground / Railway industry experience
Organising monthly security follow-up meetings with theContracting Authority’s Security Officer.
Report about specific security topics related to thedelivery of the ERP Contract, the implementation of the ERP / FWCSecurity Plans, Risk Assessment, the ERP Security ImplementationPlan and the identified risks / security aspects of various ERPprojects will be discussed.
Present thesecurity dashboard with relevant KPI, the follow-up on securitymeasures / requirements implementation plan, security incidents, thenew vulnerabilities identified and the planning / results of thesecurity tests;
Being responsible for theimplementation, periodic review and improvement of the FWC SecurityPlan and ISMS;
Being responsible for thedelivery, quality review and timely submission of the ERP securitydeliverables (as example : ERP Security Risk Assessment, ERPSecurity Plan, ERP Business Continuity Plan, ERP Retention Policy,ERP Security Implementation Plan and ERP Test Cases);
Ensuring the consistency of all other ERP deliverablesfrom a security point of view and ensuring the overall coordinationof the work performed by additional security experts involved onERP projects;
Following security events andmanaging security incidents with due diligence;
Escalating security concerns or non-compliance towardsFWC / ERP Security Plan as appropriate among various stakeholders(the Contracting Authority, Sub-Contractors, entities within aConsortium, etc.);
Developing and being a keystakeholder of the ERP BCP / DRP process in alignment with theContracting Authority’s BCP / DRP strategy andframework;
Writing or reviewing all securityrelated documents;
Organising regular securityawareness sessions to staff members of the ERPContractor;
Participating in the proposal,build and testing phases of any new project. During these phases,he / she will be in charge of evaluating the risk by performing asecurity risk assessment as part of the Security Model deliverableand propose countermeasures when needed.
Contract Duration : 4 years
Single Point OfContact with Customer