Business Information Security officer MEI (BISO)

Job Description

Who we are:
Do you want to join our Geo-data revolution? Fugro’s global reach and unique know-how will put the world at your fingertips. Our love of exploration and technical expertise help us to provide our clients with invaluable insights. We source and make sense of the most relevant Geo-data for their needs, so they can design, build and operate their assets more safely, sustainably and efficiently. But we’re always looking for new talent to take the next step with us. For bright minds who enjoy meaningful work and want to push our pioneering spirit further. For individuals who can take the initiative, but work well within a team.

Job Purpose:
In support of Fugro's digitalization journey and nature of its business, as a Geo-data company, there is a need to improve the Information Security posture. The regional Information Security Lead will cover both operational and governance aspects of Information Security. The individual will work on key projects and initiatives and collaborates closely with stakeholders across all functions to manage Information Security risks.

The lead has a healthy degree of business acumen and will acquire a good understanding on key assets and processes. Together with stakeholders risks are evaluated and reduced to acceptable levels. In essence, the analyst will help the various teams to achieve organizational objectives while not compromising the security posture.

Job Description:

The Regional BISO MEI -

• Collaborates with stakeholders to address and identify high-risk areas and support business-critical projects and key initiatives.

• Works with Project Managers, Business Analysts, architecture, compliance, and support team to ensure Fugro Information Security standards are being followed.

• Responsible for information security posture and assurance for MEI, and where applicable Global.

• Influences to achieve positive change to the Information Security posture through regular engagement and collaboration.

• Actively shares knowledge and insights to increase Information Security awareness throughout the region.

• Collaborates with the Security Operations Center and to respond to and manage priority incidents.

• Actively works with the Security Operating Center to remediate regional vulnerabilities and develop possible use cases.

Key result area

Information Security advisor with a regional scope covering both governance and operational aspects.

Major Security Incidents

• Coordinates major information security incident management, in the region, in collaboration with the various IT teams and the Security Operations Centre.

Adopt Information Security best practises

• Act as an advisor and provide consistent interpretation of Information Security policies, standards and procedures to stakeholders.

• Review adherence to Information Security policies while continuously monitoring and reporting on risks.

Risk Management & Data Sovereignty

• Oversees Information Security posture in the region and provides actionable plans to reduce risk levels.

• Will understand key (information) assets and processes, identify and evaluate risks and Information Security controls, and suggest risk management approaches where necessary.

• Provide Information Security advice for business-critical projects.

• Responsible for the business continuity process for MEI

• The individual will assess suppliers on Information Security maturity.

• Responsible for data sovereignty in the region, engage and collaborate with the geo-processing team to maintain sovereignty in the region.

Support compliance efforts

• Address client Information Security requirements. Furthermore, together with the Information Security team develop a ‘toolkit’ to address common client requests.

• Ensure Information Asset Owners implement the right measures to make the regional IT landscape compliant and secure. For instance, adhere to GDPR and client requirements data sovereignty requirement for Middle east & India.

• Discuss compliance and audit findings with management and develop action plans to address them. Will drive remediation activities across the region.

Drive Information Security awareness

• Drive education and increase Information Security awareness.

• Share relevant risk analyses and Information Security metrics with the business line.

Others experience

Functional

• Demonstrated experience in Information Security (e.g. Security Operations and / or Information Risk & Security Governance);

• Understanding of common security risk scenarios, threats, and vulnerabilities;

• Knowledge on Information Security standards, such as ISO 27001 and NIST.

Leadership

• Good stakeholder engagement skills and a healthy degree of business acumen and interest;

• Proven ability to collaborate across functions;

• Process-driven, has attention to detail and is well organized;

• Takes ownership and is not afraid to fail.

Good to have

• ISO27001 implementation, operation and management, security control audits and assessments;

• Understanding of relevant legal & compliance aspects, such as GDPR.

• Experience on working with external and internal auditors.

Skills and Qualifications:

• Bachelor or Masters Information Security, Information Technology or relevant professional experience.

• 3-8 years of experience. Ideal candidates would have work experience in both Security Operations and Governance, Risk and Compliance.

• Relevant Information Security certifications are seen as a plus, but not required.

What we offer

Fugro provides a positive work environment as well as projects that will satisfy the most curious minds. We also offer great opportunities to stretch and develop yourself. By giving you the freedom to grow faster, we think you’ll be able to do what you do best, better. Which should help us to find fresh ways to get to know the earth better. We encourage you to be yourself at Fugro. So bring your energy and enthusiasm, your keen eye and can-do attitude. But bring your questions and opinions too. Because to be the world’s leading Geo-data specialist, we need the strength in depth that comes from a diverse, driven team.

Our view on diversity, equity and inclusion
At Fugro, our people are our superpower. Their variety of viewpoints, experiences, knowledge and talents give us collective strength. Distinctive beliefs and diverse backgrounds are therefore welcome, but discrimination, harassment, inappropriate behaviour and unfair treatment are not. Everybody is to be well-supported and treated fairly. And everyone must be valued and have their voice heard. Crucially, we believe that getting this right brings a sense of belonging, of safety and acceptance, that makes us feel more connected to Fugro’s purpose ‘together create a safe and liveable world’ – and to each other.

HSE Responsibilities:
Responsible for ensuring safety of self and others at site. Prevent damage of equipment and assets Responsible for following all safety signs/procedures/ safe working practices Responsible for using appropriate PPE’s Responsible for participating in mock drills. Entitled to refuse any to undertake any activity considered unsafe. Responsible for filling up of hazard observation card, wherever hazard has been noticed at site. Responsible for safe housekeeping of his work place. To stop any operation that is deemed unsafe To be able to operate fire extinguisher in case of fire To report an incident as soon as possible to immediate supervisor and HSE manager To complete HSE trainings as instructed to do so.

Disclaimer for recruitment agencies:

Fugro does not accept any unsolicited applications from recruitment agencies. Acquisition to Fugro Recruitment or any Fugro employee is not appreciated**.**