Overview
The Staff Officer (CIS Security) is responsible for developing, implementing, and enforcing CIS Security and Security policies, directives, and guidelines. The role involves coordinating CIS Security issues within the HQ and with external agencies, inspecting compliance, and providing advice on security strategies.
Key Responsibilities
- Develop, implement and enforce CIS Security and Security policies, directives and guidelines in peacetime and operations.
- Contribute to the coordination of all CIS requirements within JFCBS HQ.
- Coordinate all CIS Security issues within the JFCBS HQ and with other national/NATO agencies, commands and organisations.
- Inspect subordinate Headquarters (HQs) and ensure compliance with NATO CIS and Security policies.
- Undertake work as part of a project team or working group as directed or assigned.
- Prepare/assist in the preparation of meetings, agendas, programs and minutes.
- Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
- Obtain and act on vulnerability information and conduct security risk assessments, business impact analysis and accreditation on complex information systems.
- Investigate major breaches of CIS security and recommend appropriate control improvements.
- Contribute to development of information security policy, standards and guidelines.
Required Experience
- Minimum 4 years’ professional experience with CIS/network security.
- Minimum 2 years’ experience applying Security policy, preferably in CIS.
- Minimum 2 years’ experience in the selection, design, justification, implementation and operation of Security controls and management strategies.
- Experience performing joint staff functions, preferably in a NATO environment (desirable).
- Experience in Information Technology (IT) governance (desirable).
Qualifications
- University Degree or equivalent in related field/discipline (equivalent is Higher Secondary Education AND completed advanced vocational training in relevant field leading to a professional certification or accreditation).
- Proven knowledge of computer and security principles, networking and operating system vulnerabilities and incident handling.
- Completion of relevant training/courses obtaining certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), International Organization for Standardization / International Electrotechnical Commission (ISO/IEC 27001), Global Information Assurance Certification (GIAC) (desirable).