Plans, coordinates, promotes and executes all activities to support the protection of information according to current policies in an efficient and secure way. Promotes information security best practices and helps increase awareness of company personnel regarding the confidentiality, integrity and availability of information and technology resources.
- Identify, quantify and proactively address security issues and changes in the businesses risk profile. Provide qualitative and quantitative risk assessments for tangible and intangible assets
- Promotes awareness of IT risk by implementing organization-wide initiatives that show or explain common modern vulnerabilities and traps.
- Defines and implements appropriate technology resources to support information protection for the company.
- Handle organization-wide security training and awareness.
- Implements organization-wide security awareness initiatives and provides timely information to employees and leadership regarding new and emerging threats.
- Defines and implements information protection processes and procedures in order to ensure compliance with current company´s framework. Recommends appropriate changes to the Security Policy and Procedures as needed.
- Guarantee that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
- Maintain the security level of Tenaris ´s information and technological resources to a reasonable state
- Provide regular reporting on the current status of the information security program to executive management.
- Complies with Tenaris policies, procedures and management standards, and ensures adherence with all laws and regulations that apply to the areaof responsibility.
Special Skills, Knowledge and Experience:
- Business Knowledge;
- Business Continuity/DRP;
- ISO 27001 (+IEC 62443) / Risk Management/ Data Leak Prevention;
- Strong Communication skills;
- Customer Orientation;
- Project Management;
- Strong software and computer skills, including MS Office applications;
- CRISC (desirable);
- Reporting skills to Top Management;
- Training creation and delivery.