JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.
|
|
- Mitchell Cameron
- 8 years ago
- Views:
Transcription
1 JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President and is accountable for the development and execution of the organization s global security risk management strategy and related programs. Specifically, this position is responsible for four dimensions of security risk management with respect to the viability and survivability of the enterprise: Financial, Operational, Compliance, and Strategic. The position will lead global programs to safeguard people, assets and information systems, mitigate physical risk and manage loss prevention. The Vice President and Chief Security Risk Officer will convene an enterprise security risk management council or committee to enhance whole ofenterprise security risk management. The Vice President and Chief Security Risk Officer is responsible for (1) providing regional security teams globally with the necessary standards, processes and guidance to ensure consistent implementation of established security programs and (2) serving as the focal point for security enterprise wide. Knowledge Extensive knowledge and experience is required in the security industry including security of personnel, assets, information systems (corporate and Industrial Control System), loss prevention, travel, and incident response. Knowledge of federal and international government security agencies and contacts is desired. Knowledge of natural gas / Liquefied Natural Gas (LNG) industry is desired. Critical Domains of Knowledge The Chief Security Risk Officer should be familiar with the following corporate security domains: 1. Program Development: Every critical domain, including program strategy and structure; leadership, staffing and organization; finance and budget 1420 Beverly Road Birch Street 1
2 management; policies, procedures and protocols; technologies and technical systems; physical security; awareness; training; stakeholder communication; enterprise security risk management; and benchmarking against organizations comparable in risk, size, industry focus and business model. 2. Communications, Monitoring and Intelligence: Develop and later monitor command center operations, communications, and protective intelligence collection and analysis. 3. Emergency Preparedness: Understanding of planning frameworks, such as the National Response Plan, to prevent/mitigate, prepare, respond and recover from security events, worldwide, including but not limited to acts of targeted violence. 4. Security Continuity of Operations and Disaster Recovery: Planning required to achieve three elements as relates to information security or physical security event(s): organizational resilience, recovery and contingency. 5. Executive Protection: Planning, designing implementing, and overseeing a highly customized protective security program that reflects the goals, preferences, lifestyle and privacy of the executive afforded protection. Key areas range from trip logistics, transportation, and advances to residential security, protective intelligence and counter surveillance. Understanding the thinking and behavior of individuals who have attacked or approached prominent public figures in the United States. 6. Physical and Facilities Security: From access control and CCTV systems, to perimeter security and physical security personnel, to mail and delivery processing. 7. Information Security/Cybersecurity: Planning, designing, and managing a sophisticated information security program, including physical and cybersecurity elements, that accounts for the risk profile and risk tolerance of the company. Key areas include risk management (familiarity with ISO27001, SANS 20 Critical Security Controls, NIST , and/or NIST Cybersecurity Framework), whole of enterprise governance, strategy, policies and procedures, technology, technical incident response oversight, and crisis management. 8. Domestic and International Travel: Provide and continually update travel related security bulletins, alerts, tips and guidance for company 1420 Beverly Road Birch Street 2
3 employees on business travel, and manage appropriate security functions for personnel on business travel. In the next three years, travel is anticipated to include select executives traveling to over 15 countries primarily in the Americas, Europe, and Asia, with key offices in the United States and United Kingdom. 9. Workplace Violence Prevention and Threat Assessment: Companywide initiatives including active shooter planning, behavioral threat assessment, threat management strategies and support, policy development, threat assessment team management, and employee training and awareness. 10.Open Source Monitoring and Protective Intelligence Collection: Knowledge of how to enhance a program to leverage online research, assessment and monitoring of multiple websites, online discussions, chat rooms, message boards, talkbacks and dozens of other forums to uncover issues impacting the company, its assets, employees, brands and reputation. Understanding about how to enhance this program and integrate it with other security program components. 11.Major Event Security: Planning and coordinating security for major corporate events (estimated ~three per year) and ensuring the security of all participants and stakeholders 12.Internal Investigations: Areas such as libelous accusations, compliance violations, employee misconduct, fraud and misrepresentation and other internal affairs. 13.Background Screening: Monitoring of enterprise wide background screening policies for pre employment, current employees, and contractors. Familiarity with the necessary scope of background checks required for comprehensive screening. 14.Aviation Security: All aspects of aviation security, both domestically and internationally. Responsibilities and Essential Duties Essential Duties and Responsibilities Strategy Design and Implementation: In close collaboration with senior business and functional leaders, develop a formal, documented, risk driven global security strategy. Ensure that, at minimum, the strategy (1) defines the program s mission, vision, risk basis, goals, organizational chart and structure, 1420 Beverly Road Birch Street 3
4 strategic program components, special focus areas, and the processes and resources required to maintain and improve the program over time; and, (2) establishes clear and specific operational priorities to achieve these goals within a three to five year period. Oversee its day to day implementation across the enterprise. Risk Assessment and Information Gathering: Understand and assess the risks, threats and vulnerabilities confronting the organization and continuously align business and security resources behind these in a prioritized, risk driven manner. Gather intelligence and information to assess the risk and exposure of company assets, information, and personnel in the countries, cities and areas in which assets, information, and people are located and business is conducted. Monitor, on a continuous basis, all security threats (such as terrorist incidents, significant protests or civil disturbance, and other country specific security events) with potential implications for the program s protective and due diligence mission and objectives. Analyze business and global trends, including by market and geography, in type and level of security risks facing the company s global operations to determine and implement programs to mitigate risk into the strategic planning processes for the operations. Advise management on security issues and risks that may threaten personnel or assets. Organizational Resilience and Preparedness: Lead and direct the organization s preparation for events that could disrupt the continuity of business operations including targeted attacks (e.g., physical, cyber, informational); and criminal activity (e.g., fraud, embezzlement, theft). In addition to continuity of operations with regard to security incidents, oversee the company s global emergency response and crisis management communication as it pertains to response to a cyber or physical attack. As part of this focus, undertake a robust approach to security incident prevention, response, management and recovery. Provide leadership during times of crisis. Proactively develop programs for risk reduction and response to local, regional and global threats. Participate on the company s Business Continuity Plan and Emergency Management s Team, leading these issues with regard to security incidents. Develop and maintain an effective enterprise wide security incident management tracking and response system Beverly Road Birch Street 4
5 Represent the company on security matters including audits and investigations, involving varied operations (corporate, facilities, pipelines, chartered and/or owned vessels). Protection of Human Capital, Core Assets, Information and Reputation: Ensure the security of the organization s financial, physical and intangible assets through a balanced, holistic and integrated approach to the following: People: Identify, develop and maintain the skills and capabilities of the internal and external security personnel assigned to the corporate security program at a best practice level, including implementing training programs for security and non security personnel globally regarding pertinent security or risk mitigation topics. o Provide the regional security teams with the tools, processes and training requirements to manage security proactively including development of response teams and contingency plans. o Develop security plans for global corporate travel, events, and business activities. o Review and coordinate executive and personnel travel protection. Process: Define, develop and implement global security policies, protocols, procedures and guidelines as they pertain to all facets of security risk management. Develop and implement policies and procedures to mitigate known and anticipated risks to personnel, assets, and information, related to personnel protection, facility protection, information security, cybersecurity, workplace violence, loss prevention, travel, and security emergency response. Technology: Maintain and implement technology and state of the art equipment related to providing world class security risk management services. Advise and oversee facilities and offices to evaluate the adequacy of their security systems, programs and staffing; recommend improvements; and assist with the implementation of the improvements, as needed. Compliance: Oversee, or where appropriate support, the organization s compliance with foreign, national, state and local regulatory requirements with respect to areas such as security, data privacy, data protection, and Critical Infrastructure Protection (CIP) standards. Financial Planning, Budgeting and Performance Tracking: Manage, plan and forecast the operational and capital budgets for the global security program Beverly Road Birch Street 5
6 Track program performance using an organized and systematic methodology of metrics, measurement and security scorecards. Enterprise Security Risk Management: Coordinate whole of enterprise security risk management through a council or committee, likely including senior representatives from Information Technology, Legal, Operational, Human Resources/Facilities and Business/Marketing departments. Stakeholder Relations: On issues related to security risk management, serve as the company s chief liaison resource and maintain effective liaison with all internal and external stakeholders in the viability and success of the enterprise, including foreign, national, state and local law enforcement, intelligence, homeland security and industry regulatory agencies and their representatives as well as, where appropriate, media, investors, shareholders and strategic business partners to remain aware of the degree of any threat and the recommended mitigation measures. Qualifications (Education, Experience, and Skills): Expertise, Skills and Abilities The qualifications listed below are essential: Exceptional leadership skills including visioning, strategic planning and critical thinking. Expertise in achieving high performance results in a diverse global corporate environment including business and financial analytical capabilities and the ability to communicate, collaborate and earn trust with internal stakeholders across the company s functions, divisions, business units and regions. Strong network of security resources, security industry contacts, and established relationships around the world, both with government and in the corporate sector; an extensive first hand knowledge of various cultures and business practices worldwide; and an acute understanding of the commonalities and differences in addressing corporate security objectives and imperatives in both U.S. and non U.S. environments. Expertise in managing and directing security staff and support personnel in the operational administration of corporate security and executive protection duties. Ability to stay current with the laws, regulations and guidelines pertaining to the company s industry and an ability to understand precisely how 1420 Beverly Road Birch Street 6
7 these evolving mandates impact the objectives, protocols and practices of the corporate security team. Ability to prepare clear and succinct written and oral communications for presentation to the company s board and senior management team. Ability to persuade and influence internal partners in matters associated with corporate security programs or initiatives. Proven track record in building, motivating and leading a professional team attuned to organizational culture, responsive to business needs and committed to integrity and best practices. Ability to work under pressure in stressful, high profile, sensitive and rapidly changing situations. Ability to maintain a positive relationship with principals, families and executive assistants regarding personal safety and security related matters and training, as well as administrative support personnel and others who play key roles in logistical planning of executive travel. Discretion as well as demonstrated experience in maintaining utmost confidentiality and privacy. Education and Experience The candidate must possess a minimum of 15 years experience in working and/or leading, at a senior level, a corporate or government security program, or both. Ten years experience in a corporate security environment, or commensurate senior security risk management experience, is strongly desired. Advanced education is a plus and enhances the candidate s credentials. BA, BS, and Degrees in law, business administration, accounting and finance, security management, homeland security, information systems management or law enforcement and public safety are preferred. Knowledge of U.S. federal and international government security agencies is desired. The combination of experience and education should be taken into consideration. Memberships, Licenses and Certifications Active membership in recognized security organizations such as American Society for Industrial Security (ASIS), International Security Management Association (ISMA) or other professional security associations is desired. Language and Computer Literacy Skills Fluency in English is a requirement. Fluency in additional languages is encouraged. The candidate must have proficiency in Microsoft Office applications such as Excel, Word, and PowerPoint Beverly Road Birch Street 7
8 Skills/Competencies: Excellent understanding of corporate security best practices Strong strategic, analytical and decision making skills Ability to communicate complex concepts clearly Ability to plan, coordinate and lead the work of others Strong knowledge of the security industry, including best practices in physical, technical, personnel, information, legal, and administrative security disciplines Experience in creating tools and processes and leading change in a high tech corporate environment Knowledge of current and emerging security technology and integrated security systems Knowledge of investigative techniques and best practices Proven leadership and organizational skills with a practical, operational sense International experience Significant knowledge of federal and international government security community and contacts Direct Reports The CSRO will have significant discretion to build the corporate security risk management team. Direct reports likely include a deputy Security Director or IT Security Director, Guard Force Security Director, Security Analysts, Security Compliance Director, and others as the corporate security function develops. Freedom to Act Ability to multi task and function in a highly dynamic atmosphere; must exercise discretion independently. Work Conditions Job is performed in a typical office environment but is subject to time pressures and constraints and is often dependent on input from others. Occasionally, work may be performed from home, after normal work hours or on weekends. Periodic travel as business requires. Must also be able to respond on short notice to manage international security and medical crisis 1420 Beverly Road Birch Street 8
9 intervention, if required. Subject to drug and alcohol testing, per applicable federal regulations or as required by Cheniere. ADA Job Requirements Reasonable accommodations will be made to ensure that the essential functions of the job can be performed and not hinder the employee's performance due to physical, mental or emotional disability. Miscellaneous It is important for the individual to have multiple recommendations speaking to their character, ethics, professionalism, and discretion. Qualified candidates should apply by sending an to with the job title in the subject line. The should include a cover letter and a resume (in MS Word format). Red Five Security is an equal opportunity employer and actively seeks candidates from a diverse background. Posted: May Beverly Road Birch Street 9
Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record
Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Roberta Stempfley Acting Assistant Secretary for Cybersecurity and Communications
More informationBUSINESS CONTINUITY PLANNING
Policy 8.3.2 Business Responsible Party: President s Office BUSINESS CONTINUITY PLANNING Overview The UT Health Science Center at San Antonio (Health Science Center) is committed to its employees, students,
More informationFFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors
Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed
More informationPhysical Security Services
Physical Security Services The ANVIL Group Physical Security Services The ANVIL Group is an internationally renowned and accredited security company specialising in Crisis Avoidance. Established in 1988,
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More information11/12/2013. Role of the Board. Risk Appetite. Strategy, Planning and Performance. Risk Governance Framework. Assembling an effective team
Role of the Board Risk Appetite Strategy, Planning and Performance Risk Governance Framework Assembling an effective team Role of the CEO Accountability and Disclosure 1 Board members should act on a fully
More informationState Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4
State Agency Cybersecurity Survey v 3.4 The purpose of this survey is to identify your agencies current capabilities with respect to information systems/cyber security and any challenges and/or successes
More informationApril 8, 2013. Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899
Salt River Project P.O. Box 52025 Mail Stop: CUN204 Phoenix, AZ 85072 2025 Phone: (602) 236 6011 Fax: (602) 629 7988 James.Costello@srpnet.com James J. Costello Director, Enterprise IT Security April 8,
More informationData Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322
Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationBUSINESS CONTINUITY POLICY
BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility
More informationCYBER SECURITY GUIDANCE
CYBER SECURITY GUIDANCE With the pervasiveness of information technology (IT) and cyber networks systems in nearly every aspect of society, effectively securing the Nation s critical infrastructure requires
More informationWhite Paper on Financial Institution Vendor Management
White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety
More informationTHE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, 2013. February 12, 2013
THE WHITE HOUSE Office of the Press Secretary For Immediate Release February 12, 2013 February 12, 2013 PRESIDENTIAL POLICY DIRECTIVE/PPD-21 SUBJECT: Critical Infrastructure Security and Resilience The
More informationVendor Risk Management Financial Organizations
Webinar Series Vendor Risk Management Financial Organizations Bob Justus Chief Security Officer Allgress Randy Potts Managing Consultant FishNet Security Bob Justus Chief Security Officer, Allgress Current
More informationDTCC RISK COMMITTEE CHARTER
DTCC RISK COMMITTEE CHARTER Purpose The ability to identify, manage and mitigate risk is fundamental to the services that The Depository Trust & Clearing Corporation ( DTCC ) provides to its members and
More informationBSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012
To: From: Subject: Status: Date of Meeting: BSO Board Director of Human Resources & Corporate Services Business Continuity Policy For Approval 28 February 2012 The Board is asked to agree the attached
More informationCLASSIFICATION SPECIFICATION FORM
www.mpi.mb.ca CLASSIFICATION SPECIFICATION FORM Human Resources CLASSIFICATION TITLE: POSITION TITLE: (If different from above) DEPARTMENT: DIVISION: LOCATION: Executive Director Executive Director, Information
More informationFederal Bureau of Investigation s Integrity and Compliance Program
Evaluation and Inspection Division Federal Bureau of Investigation s Integrity and Compliance Program November 2011 I-2012-001 EXECUTIVE DIGEST In June 2007, the Federal Bureau of Investigation (FBI) established
More informationFEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-05. Cyber Risk Management Guidance. Purpose
FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-05 Cyber Risk Management Guidance Purpose This advisory bulletin provides Federal Housing Finance Agency (FHFA) guidance on cyber risk management.
More informationCyber security: everybody s imperative. A guide for the C-suite and boards on guarding against cyber risks
Cyber security: everybody s imperative A guide for the C-suite and boards on guarding against cyber risks Secure Enhance risk-prioritized controls to protect against known and emerging threats, and comply
More informationHomeland Security for Schools: Threat Status Alert Worksheet
for Schools: Threat Status Alert Worksheet The Green Alert Status reflects a low risk of terrorist attacks. The primary goal of a safe school plan is to safeguard schools against crime, violence and disruption.
More informationLegislative Language
Legislative Language SEC. 1. COORDINATION OF FEDERAL INFORMATION SECURITY POLICY. (a) IN GENERAL. Chapter 35 of title 44, United States Code, is amended by striking subchapters II and III and inserting
More informationGlobal Security Program Overview
STATE STREET GLOBAL SECURITY Global Security Program Overview ASIS International Kansas City Chapter March 5, 2015 Stephen D Baker CPP Vice President & Deputy Chief Security Officer About State Street
More informationRegulatory Compliance Management for Energy and Utilities
Regulatory Compliance Management for Energy and Utilities The Energy and Utility (E&U) sector is transforming as enterprises are looking for ways to replace aging infrastructure and create clean, sustainable
More informationEMERGENCY PREPAREDNESS PLAN Business Continuity Plan
EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic
More informationCyberSecurity Solutions. Delivering
CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions
More informationSecurity Management Systems (SEMS) for Air Transport Operators. Executive Summary
Security Management Systems (SEMS) for Air Transport Operators Executive Summary March 2011 Security Management Systems (SeMS) for Air Transport Operators Introduction and Scope Executive Summary In early
More informationGUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012
GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental
More informationAudit of NRC s Network Security Operations Center
Audit of NRC s Network Security Operations Center OIG-16-A-07 January 11, 2016 All publicly available OIG reports (including this report) are accessible through NRC s Web site at http://www.nrc.gov/reading-rm/doc-collections/insp-gen
More informationBCP and DR. P K Patel AGM, MoF
BCP and DR P K Patel AGM, MoF Key difference between BS 25999 and ISO 22301 ISO 22301 puts a much greater emphasis on setting the objectives, monitoring performance and metrics aligning BC to top management
More informationBusiness Continuity Management Framework 2014 2017
Business Continuity Management Framework 2014 2017 Blackpool Council Business Continuity Framework V3.0 Page 1 of 13 CONTENTS 1.0 Forward 03 2.0 Administration 04 3.0 Policy 05 4.0 Business Continuity
More informationBusiness Continuity Management
Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective
More informationRE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity
October 10, 2014 Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 RE: Experience with the Framework for Improving Critical Infrastructure
More informationEl Camino College Homeland Security Spring 2016 Courses
El Camino College Homeland Security Spring 2016 Courses With over 250,000 federal positions in Homeland Security and associated divisions, students may find good career opportunities in this field. Explore
More information2015 CEO & Board University Cybersecurity on the Rise. Matthew J. Putvinski, CPA, CISA, CISSP
2015 CEO & Board University Cybersecurity on the Rise Matthew J. Putvinski, CPA, CISA, CISSP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2011 Wolf & Company, P.C. About Wolf
More informationOrganizational Security Track FAQ
Organizational Security Track FAQ What do organizational security management professionals do? Organizational security management professionals are employed by organizations (corporations, partnerships,
More informationThe Next Generation of Security Leaders
The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish
More informationICBA Summary of FFIEC Cybersecurity Assessment Tool
ICBA Summary of FFIEC Cybersecurity Assessment Tool July 2015 Contact: Jeremy Dalpiaz Assistant Vice President Cyber Security and Data Security Policy Jeremy.Dalpiaz@icba.org www.icba.org ICBA Summary
More informationCLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY
CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for
More informationEnterprise Security Tactical Plan
Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise
More informationRemarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the
Remarks by Carolyn G. DuChene Deputy Comptroller Operational Risk at the Bank Safety and Soundness Advisor Community Bank Enterprise Risk Management Seminar Washington, D.C. October 22, 2012 Good afternoon,
More informationGlobal Statement of Business Continuity
Business Continuity Management Version 1.0-2014 Date October 18, 2014 Status Author Business Continuity Management (BCM) Page 1 of 8 Table of Contents 1. Credit Suisse Business Continuity Statement 3 2.
More informationNational Cyber Security Policy -2013
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
More informationPurpose of the Governor s strategy. Guiding Principles
Purpose of the Governor s strategy The Governor s initiative to develop and implement a State of Tennessee program to counter terrorism within the State is outlined in this document. The primary purpose
More informationBEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT
BEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT Northrop Grumman Corporation Trusted, Innovative, World-Class Supply Chain INTERVIEWS Kevin Engfer Director, Supplier Mission Assurance, Northrop Grumman
More informationCOUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide
COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the
More informationCybersecurity Audit Why are we still Vulnerable? November 30, 2015
Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event
More informationGuide for the Role and Responsibilities of an Information Security Officer Within State Government
Guide for the Role and Responsibilities of an Information Security Officer Within State Government Table of Contents Introduction 3 The ISO in State Government 4 Successful ISOs Necessary Skills and Abilities
More information2 Gabi Siboni, 1 Senior Research Fellow and Director,
Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,
More informationItaly. EY s Global Information Security Survey 2013
Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information
More informationCybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015
Cybersecurity: Considerations for Internal Audit IIA Atlanta Chapter Meeting January 9, 2015 Agenda Key Risks Incorporating Internal Audit Resources for Internal Auditors Questions 2 Key Risks 3 4 Key
More informationStandards for the Professional Practice of Internal Auditing
Standards for the Professional Practice of Internal Auditing THE INSTITUTE OF INTERNAL AUDITORS 247 Maitland Avenue Altamonte Springs, Florida 32701-4201 Copyright c 2001 by The Institute of Internal Auditors,
More informationCybersecurity Enhancement Account. FY 2017 President s Budget
Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities
More informationBusiness Continuity Position Description
Position Description February 9, 2015 Position Description February 9, 2015 Page i Table of Contents General Characteristics... 2 Career Path... 3 Explanation of Proficiency Level Definitions... 8 Summary
More informationInformation Security Policy. Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services
Information Security Policy Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services Contents 1 Purpose / Objective... 1 1.1 Information Security... 1 1.2 Purpose... 1 1.3 Objectives...
More informationTravel Emergency, Risk Mitigation, and Duty of Care Considerations and Tools for Today s Challenging World
Travel Emergency, Risk Mitigation, and Duty of Care Considerations and Tools for Today s Challenging World Savings. Solutions. Systems. Presenters: Mike MacNair, President & CEO of MacNair Travel Management
More informationInternal Auditing: Assurance, Insight, and Objectivity
Internal Auditing: Assurance, Insight, and Objectivity WHAT IS INTERNAL AUDITING? INTERNAL AUDITING business people all around the world are familiar with the term. But do they understand the value it
More informationPRIORITIZING CYBERSECURITY
April 2016 PRIORITIZING CYBERSECURITY Five Investor Questions for Portfolio Company Boards Foreword As the frequency and severity of cyber attacks against global businesses continue to escalate, both companies
More informationWhite Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA
White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial
More informationCyber ROI. A practical approach to quantifying the financial benefits of cybersecurity
Cyber ROI A practical approach to quantifying the financial benefits of cybersecurity Cyber Investment Challenges In 2015, global cybersecurity spending is expected to reach an all-time high of $76.9
More informationENTERPRISE RISK MANAGEMENT FRAMEWORK
ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...
More informationCertified Identity and Access Manager (CIAM) Overview & Curriculum
Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management
More informationBusiness Continuity Policy and Business Continuity Management System
Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain
More informationExperience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.
Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies
More informationJOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015
JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement
More informationMAJOR PROJECTS CONSTRUCTION SAFETY STANDARD HS-09 Revision 0
MAJOR PROJECTS CONSTRUCTION SAFETY SECURITY MANAGEMENT PROGRAM STANDARD HS-09 Document Owner(s) Tom Munro Project/Organization Role Supervisor, Major Projects Safety & Security (Canada) Version Control:
More informationBirmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy
Birmingham CrossCity Clinical Commissioning Group Business Continuity Management Policy Version V1.0 Ratified by Operational Development Group Date ratified 6 th November 2014 Name of originator / author
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationPerforms the Federal coordination role for supporting the energy requirements associated with National Special Security Events.
ESF Coordinator: Energy Primary Agency: Energy Support Agencies: Agriculture Commerce Defense Homeland Security the Interior Labor State Transportation Environmental Protection Agency Nuclear Regulatory
More informationOCCUPATIONAL STANDARD (For use in the development of supply chain related job descriptions, performance evaluations, career development plans, etc.
OCCUPATIONAL STANDARD (For use in the development of supply chain related job descriptions, performance evaluations, career development plans, etc.) Description of Position (As defined by the CSCSC Stakeholder
More informationShankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD.
Business Continuity Management & Disaster Recovery Planning Presented by: Shankar Gawade VP IT INFRASTRUCTURE ENAM SECURITIES PVT. LTD. 1 What is Business Continuity Management? Is a holistic management
More informationwww.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse PwC Finland Forensic Services
www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse Finland Who are we? Bring a robust forensics team to the table to support your organisation Our practice can
More informationTEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS
TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS INTRODUCTION The purpose of this document is to list the aligned with each in the Texas Homeland Security Strategic Plan 2015-2020 (THSSP).
More informationA MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS
A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS CYBER ATTACKS INFILTRATE CRITICAL INFRASTRUCTURE SECTORS Government and enterprise critical infrastructure sectors such as energy, communications
More informationAccenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges
Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationEmergency Preparedness: Learning Objectives. Minimizing and Controlling Future Disasters. SHRM Disaster Preparedness Survey 3.
Emergency Preparedness: 1 Minimizing and Controlling Future Disasters October 7-8, 2013 Presenter: Marna Hayden, SPHR Hayden Resources Inc. www.haydenhr.com Learning Objectives How to develop emergency
More informationCORE Security and GLBA
CORE Security and GLBA Addressing the Graham-Leach-Bliley Act with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com
More informationCompany Management System. Business Continuity in SIA
Company Management System Business Continuity in SIA Document code: Classification: Company Project/Service Year Document No. Version Public INDEX 1. INTRODUCTION... 3 2. SIA S BUSINESS CONTINUITY MANAGEMENT
More informationIntroduction. Special thanks to the following individuals who were instrumental in the development of the toolkits:
Introduction In this digital age, we rely on our computers and devices for so many aspects of our lives that the need to be proactive and vigilant to protect against cyber threats has never been greater.
More informationDatabase and Marketing Insight Officer
Database and Marketing Insight Officer Job Description Job Title: Database and Marketing Insight Officer Reports to: Head of Marketing & Communications Close liaison with: Head of Donor Development Salary:
More informationSEC update: Cybersecurity initiatives. SEC update: Cybersecurity initiatives. Intelligize // 02
Intelligize // 02 As is tradition, at the beginning of the year, the U.S. Securities and Exchange Commission outlined both its current state of affairs and annual goals for maintaining proper compliance
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationThe PNC Financial Services Group, Inc. Business Continuity Program
The PNC Financial Services Group, Inc. Business Continuity Program subsidiaries) 1 Content Overview A. Introduction Page 3 B. Governance Model Page 4 C. Program Components Page 4 Business Impact Analysis
More informationBUSINESS CONTINUITY MANAGEMENT FRAMEWORK
BUSINESS CONTINUITY MANAGEMENT FRAMEWORK Document Author: Civil Contingencies Service - Authorised by the CCS Joint Management Board - Version 1.0. Issued December 2012 Page 1 FRAMEWORK STATEMENT Business
More informationBusiness Continuity and Disaster Planning
WHITE PAPER Business Continuity and Disaster Planning A guide to preparing for the unexpected Robert Drewniak Director, Strategic & Advisory Services Disasters are not always the result of high winds and
More informationBusiness Continuity Management Governance. Frank Higgins Abu Dhabi March 2015
Business Continuity Management Governance Frank Higgins Abu Dhabi March 2015 Different Names Same Concept BCM (Business Continuity Management) BSI 25999 IPOCM (Incident Preparedness & Operational Continuity
More informationACCOUNTING CLERK Position Code: PRAC. ASST. AIRCRAFT TECHNICAL SPECIALIST Position Code: PRAATS. BUSINESS ANALYST Position Code: PRBA
ACCOUNTING CLERK Position Code: PRAC Support accounting operations by filing documents and reconciling statements in a timely and efficient manner; has understanding on General Accounting procedures; can
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,
More informationAligning Compliance Program Priorities with Business Objectives
Aligning Compliance Program Priorities with Business Objectives By Jay G. Martin Vice President, Chief Compliance Officer and Senior Deputy General Counsel Baker Hughes Incorporated CAIL Institute for
More informationCybersecurity Credentials Collaborative (C3) cybersecuritycc.org
Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org October 2015 Collaboration Members Certification Matters The Cybersecurity Credentials Collaborative (C3) was formed in 2011 to provide
More informationwww.pwc.com Surviving Contact with Reality Crisis exercises as a key element of cyber incident and crisis management response.
www.pwc.com Surviving Contact with Reality Crisis exercises as a key element of cyber incident and crisis management response. What Happened to the Dinosaurs Avoiding the Extinction- Level Event Corporations
More informationExecutive Management of Information Security
WHITE PAPER Executive Management of Information Security _experience the commitment Entire contents 2004, 2010 by CGI Group Inc. All rights reserved. Reproduction of this publication in any form without
More informationLAW ENFORCEMENT PROGRAM ACCREDITATION MANAGER (PROGRAM SPECIALIST 4)
From: To: Subject: Date: Galvan, Jodie Galvan, Jodie Emailing: Job Bulletin Tuesday, June 30, 2015 10:15:40 AM State of Washington Dept. of Fish and Wildlife invites applications for the position of: Accreditation
More informationINFORMATION SECURITY STRATEGIC PLAN
INFORMATION SECURITY STRATEGIC PLAN UNIVERSITY OF CONNECTICUT INFORMATION SECURITY OFFICE 4/20/10 University of Connecticut / Jason Pufahl, CISSP, CISM 1 1 MISSION STATEMENT The mission of the Information
More informationOCC 98-3 OCC BULLETIN
To: Chief Executive Officers and Chief Information Officers of all National Banks, General Managers of Federal Branches and Agencies, Deputy Comptrollers, Department and Division Heads, and Examining Personnel
More informationASSE On-Site Seminar Course Selections
ASSE On-Site Seminar Course Selections - SAFETY & HEALTH MANAGEMENT - Safety Management Part I: Fundamental Concepts An excellent basic seminar. This seminar suggests fundamental elements that form an
More information