  • Job reference: RMS0145602

Local Information Security Officer

  • Sector: ICT
  • Location: London
  • Job type: Contract
  • Date posted: 03/10/2014
This vacancy has now expired.
The Role:
The E&P Local Information Security Officer (LISO) is tasked with developing, running and maintaining the Information Security Management System (ISMS) within E&P. The position co-ordinates and reconciles issues relating to information security, and acts in an advisory capacity where required. Tasks of the LISO include developing and managing local policies, managing third parties, and identifying, classifying and evaluating critical assets from an information security risk perspective.

The remit of the LISO comprises three pillars of information security protection:
(1) CIT - commercial and office IT varying from end user PCs to data centres
(2) PIT - process IT systems e.g. offshore infrastructure
(3) NON-IT - non-IT information, for instance in documents and communication

Organisation Structure:
• Functionally reports to the E.ON Group ISO based in Dusseldorf
• Operationally reports to the E&P General Manager IT in Stavanger/London

Job Requirements

Manage and direct ISMS activities for the company's E&P.
• Create and maintain an inventory of key business processes, of information that is important from a business perspective, or in terms of legal or regulatory requirements or other perspectives, and of underlying resources (IT applications and infrastructure) for PIT and CIT and their owners (partly in cooperation with the IT service provider),
• Manage (with the participation of business representatives, providers, etc.) the annual classification of the protection requirements of information and resources (i.e. mainly for Business Applications, Process IT resources and Non-IT resources),
• Manage the annual risk analysis (with the participation of business representatives, providers, etc.), the interface to German Control and Transparency in Enterprises Act (KonTraG) with respect to information security risks, create and maintain risk overview reports,
• Ensure information security requirements are factored into programmes and projects
• Manage and maintain an up-to-date picture of security threats and vulnerabilities
• Plan and manage measures to improve information security,
• Ensure adherence to GP3-19 compliance management and reporting, including interface to E.ON’s Internal Control System (ICS),
• Produce and coordinate E.ON E&P-wide directives, processes, policies and procedures for information security,
• Participate in Group-wide working groups on information security and the Information Security Manager Meeting,
• Manage information security incidents,
• Advise the E&P crisis management team,
• Promote staff awareness of information security issues within E&P,
• Manage authorizations of information security exceptions for E&P and its associated business units,
• Ensure information security requirements are adhered to by third party service providers
• Prepare regular reports about the information security situation of E&P,
• Act as a point of contact and source of advice on issues related to information security of E&P and its associated business units,
• Maintain schedule of legal requirements and monitor legal developments,
• Coordinate with interface functions within the E&P business,
• Provide input to and support IT disaster recovery and business continuity planning initiatives
• Maintain contact with relevant regional associations, government agencies (e.g. Petroleum Safety Authority, Petroleum Directorate and equivalent across the E&P footprint), forums, etc.

Essential Skills / Qualifications:
• Excellent understanding of Oil and Gas company business processes, applicable laws and regulations.
• Formal Education and Degree qualifications in IT, Information security or risk management or similar.
• Proven skills and experience in Information Security and Risk Management.
• Familiar with Information Security Standards (ISO 27000 etc.)
• Project management experience and analytical skills.
• Good understanding of technology and practical implications for the users.
• Excellent communication and interpersonal skills, with the ability to achieve successful outcomes from conflicting interests/priorities.
• Excellent written and oral presentation skills with the ability to produce clear and concise reports and communications to internal and external stakeholders.
• Willing and able to travel frequently within Germany, UK, Norway, and occasionally other locations.