JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc.

Size: px
Start display at page:

Download "JOB ANNOUNCEMENT. Chief Security Officer, Cheniere Energy, Inc."

Transcription

1 JOB ANNOUNCEMENT Chief Security Officer, Cheniere Energy, Inc. Position Overview The Vice President and Chief Security Risk Officer (CSRO) reports to the Chairman, Chief Executive Officer and President and is accountable for the development and execution of the organization s global security risk management strategy and related programs. Specifically, this position is responsible for four dimensions of security risk management with respect to the viability and survivability of the enterprise: Financial, Operational, Compliance, and Strategic. The position will lead global programs to safeguard people, assets and information systems, mitigate physical risk and manage loss prevention. The Vice President and Chief Security Risk Officer will convene an enterprise security risk management council or committee to enhance whole ofenterprise security risk management. The Vice President and Chief Security Risk Officer is responsible for (1) providing regional security teams globally with the necessary standards, processes and guidance to ensure consistent implementation of established security programs and (2) serving as the focal point for security enterprise wide. Knowledge Extensive knowledge and experience is required in the security industry including security of personnel, assets, information systems (corporate and Industrial Control System), loss prevention, travel, and incident response. Knowledge of federal and international government security agencies and contacts is desired. Knowledge of natural gas / Liquefied Natural Gas (LNG) industry is desired. Critical Domains of Knowledge The Chief Security Risk Officer should be familiar with the following corporate security domains: 1. Program Development: Every critical domain, including program strategy and structure; leadership, staffing and organization; finance and budget 1420 Beverly Road Birch Street 1

2 management; policies, procedures and protocols; technologies and technical systems; physical security; awareness; training; stakeholder communication; enterprise security risk management; and benchmarking against organizations comparable in risk, size, industry focus and business model. 2. Communications, Monitoring and Intelligence: Develop and later monitor command center operations, communications, and protective intelligence collection and analysis. 3. Emergency Preparedness: Understanding of planning frameworks, such as the National Response Plan, to prevent/mitigate, prepare, respond and recover from security events, worldwide, including but not limited to acts of targeted violence. 4. Security Continuity of Operations and Disaster Recovery: Planning required to achieve three elements as relates to information security or physical security event(s): organizational resilience, recovery and contingency. 5. Executive Protection: Planning, designing implementing, and overseeing a highly customized protective security program that reflects the goals, preferences, lifestyle and privacy of the executive afforded protection. Key areas range from trip logistics, transportation, and advances to residential security, protective intelligence and counter surveillance. Understanding the thinking and behavior of individuals who have attacked or approached prominent public figures in the United States. 6. Physical and Facilities Security: From access control and CCTV systems, to perimeter security and physical security personnel, to mail and delivery processing. 7. Information Security/Cybersecurity: Planning, designing, and managing a sophisticated information security program, including physical and cybersecurity elements, that accounts for the risk profile and risk tolerance of the company. Key areas include risk management (familiarity with ISO27001, SANS 20 Critical Security Controls, NIST , and/or NIST Cybersecurity Framework), whole of enterprise governance, strategy, policies and procedures, technology, technical incident response oversight, and crisis management. 8. Domestic and International Travel: Provide and continually update travel related security bulletins, alerts, tips and guidance for company 1420 Beverly Road Birch Street 2

3 employees on business travel, and manage appropriate security functions for personnel on business travel. In the next three years, travel is anticipated to include select executives traveling to over 15 countries primarily in the Americas, Europe, and Asia, with key offices in the United States and United Kingdom. 9. Workplace Violence Prevention and Threat Assessment: Companywide initiatives including active shooter planning, behavioral threat assessment, threat management strategies and support, policy development, threat assessment team management, and employee training and awareness. 10.Open Source Monitoring and Protective Intelligence Collection: Knowledge of how to enhance a program to leverage online research, assessment and monitoring of multiple websites, online discussions, chat rooms, message boards, talkbacks and dozens of other forums to uncover issues impacting the company, its assets, employees, brands and reputation. Understanding about how to enhance this program and integrate it with other security program components. 11.Major Event Security: Planning and coordinating security for major corporate events (estimated ~three per year) and ensuring the security of all participants and stakeholders 12.Internal Investigations: Areas such as libelous accusations, compliance violations, employee misconduct, fraud and misrepresentation and other internal affairs. 13.Background Screening: Monitoring of enterprise wide background screening policies for pre employment, current employees, and contractors. Familiarity with the necessary scope of background checks required for comprehensive screening. 14.Aviation Security: All aspects of aviation security, both domestically and internationally. Responsibilities and Essential Duties Essential Duties and Responsibilities Strategy Design and Implementation: In close collaboration with senior business and functional leaders, develop a formal, documented, risk driven global security strategy. Ensure that, at minimum, the strategy (1) defines the program s mission, vision, risk basis, goals, organizational chart and structure, 1420 Beverly Road Birch Street 3

4 strategic program components, special focus areas, and the processes and resources required to maintain and improve the program over time; and, (2) establishes clear and specific operational priorities to achieve these goals within a three to five year period. Oversee its day to day implementation across the enterprise. Risk Assessment and Information Gathering: Understand and assess the risks, threats and vulnerabilities confronting the organization and continuously align business and security resources behind these in a prioritized, risk driven manner. Gather intelligence and information to assess the risk and exposure of company assets, information, and personnel in the countries, cities and areas in which assets, information, and people are located and business is conducted. Monitor, on a continuous basis, all security threats (such as terrorist incidents, significant protests or civil disturbance, and other country specific security events) with potential implications for the program s protective and due diligence mission and objectives. Analyze business and global trends, including by market and geography, in type and level of security risks facing the company s global operations to determine and implement programs to mitigate risk into the strategic planning processes for the operations. Advise management on security issues and risks that may threaten personnel or assets. Organizational Resilience and Preparedness: Lead and direct the organization s preparation for events that could disrupt the continuity of business operations including targeted attacks (e.g., physical, cyber, informational); and criminal activity (e.g., fraud, embezzlement, theft). In addition to continuity of operations with regard to security incidents, oversee the company s global emergency response and crisis management communication as it pertains to response to a cyber or physical attack. As part of this focus, undertake a robust approach to security incident prevention, response, management and recovery. Provide leadership during times of crisis. Proactively develop programs for risk reduction and response to local, regional and global threats. Participate on the company s Business Continuity Plan and Emergency Management s Team, leading these issues with regard to security incidents. Develop and maintain an effective enterprise wide security incident management tracking and response system Beverly Road Birch Street 4

5 Represent the company on security matters including audits and investigations, involving varied operations (corporate, facilities, pipelines, chartered and/or owned vessels). Protection of Human Capital, Core Assets, Information and Reputation: Ensure the security of the organization s financial, physical and intangible assets through a balanced, holistic and integrated approach to the following: People: Identify, develop and maintain the skills and capabilities of the internal and external security personnel assigned to the corporate security program at a best practice level, including implementing training programs for security and non security personnel globally regarding pertinent security or risk mitigation topics. o Provide the regional security teams with the tools, processes and training requirements to manage security proactively including development of response teams and contingency plans. o Develop security plans for global corporate travel, events, and business activities. o Review and coordinate executive and personnel travel protection. Process: Define, develop and implement global security policies, protocols, procedures and guidelines as they pertain to all facets of security risk management. Develop and implement policies and procedures to mitigate known and anticipated risks to personnel, assets, and information, related to personnel protection, facility protection, information security, cybersecurity, workplace violence, loss prevention, travel, and security emergency response. Technology: Maintain and implement technology and state of the art equipment related to providing world class security risk management services. Advise and oversee facilities and offices to evaluate the adequacy of their security systems, programs and staffing; recommend improvements; and assist with the implementation of the improvements, as needed. Compliance: Oversee, or where appropriate support, the organization s compliance with foreign, national, state and local regulatory requirements with respect to areas such as security, data privacy, data protection, and Critical Infrastructure Protection (CIP) standards. Financial Planning, Budgeting and Performance Tracking: Manage, plan and forecast the operational and capital budgets for the global security program Beverly Road Birch Street 5

6 Track program performance using an organized and systematic methodology of metrics, measurement and security scorecards. Enterprise Security Risk Management: Coordinate whole of enterprise security risk management through a council or committee, likely including senior representatives from Information Technology, Legal, Operational, Human Resources/Facilities and Business/Marketing departments. Stakeholder Relations: On issues related to security risk management, serve as the company s chief liaison resource and maintain effective liaison with all internal and external stakeholders in the viability and success of the enterprise, including foreign, national, state and local law enforcement, intelligence, homeland security and industry regulatory agencies and their representatives as well as, where appropriate, media, investors, shareholders and strategic business partners to remain aware of the degree of any threat and the recommended mitigation measures. Qualifications (Education, Experience, and Skills): Expertise, Skills and Abilities The qualifications listed below are essential: Exceptional leadership skills including visioning, strategic planning and critical thinking. Expertise in achieving high performance results in a diverse global corporate environment including business and financial analytical capabilities and the ability to communicate, collaborate and earn trust with internal stakeholders across the company s functions, divisions, business units and regions. Strong network of security resources, security industry contacts, and established relationships around the world, both with government and in the corporate sector; an extensive first hand knowledge of various cultures and business practices worldwide; and an acute understanding of the commonalities and differences in addressing corporate security objectives and imperatives in both U.S. and non U.S. environments. Expertise in managing and directing security staff and support personnel in the operational administration of corporate security and executive protection duties. Ability to stay current with the laws, regulations and guidelines pertaining to the company s industry and an ability to understand precisely how 1420 Beverly Road Birch Street 6

7 these evolving mandates impact the objectives, protocols and practices of the corporate security team. Ability to prepare clear and succinct written and oral communications for presentation to the company s board and senior management team. Ability to persuade and influence internal partners in matters associated with corporate security programs or initiatives. Proven track record in building, motivating and leading a professional team attuned to organizational culture, responsive to business needs and committed to integrity and best practices. Ability to work under pressure in stressful, high profile, sensitive and rapidly changing situations. Ability to maintain a positive relationship with principals, families and executive assistants regarding personal safety and security related matters and training, as well as administrative support personnel and others who play key roles in logistical planning of executive travel. Discretion as well as demonstrated experience in maintaining utmost confidentiality and privacy. Education and Experience The candidate must possess a minimum of 15 years experience in working and/or leading, at a senior level, a corporate or government security program, or both. Ten years experience in a corporate security environment, or commensurate senior security risk management experience, is strongly desired. Advanced education is a plus and enhances the candidate s credentials. BA, BS, and Degrees in law, business administration, accounting and finance, security management, homeland security, information systems management or law enforcement and public safety are preferred. Knowledge of U.S. federal and international government security agencies is desired. The combination of experience and education should be taken into consideration. Memberships, Licenses and Certifications Active membership in recognized security organizations such as American Society for Industrial Security (ASIS), International Security Management Association (ISMA) or other professional security associations is desired. Language and Computer Literacy Skills Fluency in English is a requirement. Fluency in additional languages is encouraged. The candidate must have proficiency in Microsoft Office applications such as Excel, Word, and PowerPoint Beverly Road Birch Street 7

8 Skills/Competencies: Excellent understanding of corporate security best practices Strong strategic, analytical and decision making skills Ability to communicate complex concepts clearly Ability to plan, coordinate and lead the work of others Strong knowledge of the security industry, including best practices in physical, technical, personnel, information, legal, and administrative security disciplines Experience in creating tools and processes and leading change in a high tech corporate environment Knowledge of current and emerging security technology and integrated security systems Knowledge of investigative techniques and best practices Proven leadership and organizational skills with a practical, operational sense International experience Significant knowledge of federal and international government security community and contacts Direct Reports The CSRO will have significant discretion to build the corporate security risk management team. Direct reports likely include a deputy Security Director or IT Security Director, Guard Force Security Director, Security Analysts, Security Compliance Director, and others as the corporate security function develops. Freedom to Act Ability to multi task and function in a highly dynamic atmosphere; must exercise discretion independently. Work Conditions Job is performed in a typical office environment but is subject to time pressures and constraints and is often dependent on input from others. Occasionally, work may be performed from home, after normal work hours or on weekends. Periodic travel as business requires. Must also be able to respond on short notice to manage international security and medical crisis 1420 Beverly Road Birch Street 8

9 intervention, if required. Subject to drug and alcohol testing, per applicable federal regulations or as required by Cheniere. ADA Job Requirements Reasonable accommodations will be made to ensure that the essential functions of the job can be performed and not hinder the employee's performance due to physical, mental or emotional disability. Miscellaneous It is important for the individual to have multiple recommendations speaking to their character, ethics, professionalism, and discretion. Qualified candidates should apply by sending an to with the job title in the subject line. The should include a cover letter and a resume (in MS Word format). Red Five Security is an equal opportunity employer and actively seeks candidates from a diverse background. Posted: May Beverly Road Birch Street 9

BUSINESS CONTINUITY PLANNING

BUSINESS CONTINUITY PLANNING Policy 8.3.2 Business Responsible Party: President s Office BUSINESS CONTINUITY PLANNING Overview The UT Health Science Center at San Antonio (Health Science Center) is committed to its employees, students,

More information

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record

Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Cyber Side-Effects: How Secure is the Personal Information Entered into the Flawed Healthcare.gov? Statement for the Record Roberta Stempfley Acting Assistant Secretary for Cybersecurity and Communications

More information

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed

More information

State Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4

State Agency Cyber Security Survey v 3.4 2 October 2014. State Agency Cybersecurity Survey v 3.4 State Agency Cybersecurity Survey v 3.4 The purpose of this survey is to identify your agencies current capabilities with respect to information systems/cyber security and any challenges and/or successes

More information

Physical Security Services

Physical Security Services Physical Security Services The ANVIL Group Physical Security Services The ANVIL Group is an internationally renowned and accredited security company specialising in Crisis Avoidance. Established in 1988,

More information

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012

BSO Board Director of Human Resources & Corporate Services Business Continuity Policy. 28 February 2012 To: From: Subject: Status: Date of Meeting: BSO Board Director of Human Resources & Corporate Services Business Continuity Policy For Approval 28 February 2012 The Board is asked to agree the attached

More information

Risk and Information Security Committee Charter

Risk and Information Security Committee Charter Risk and Information Security Committee Charter Effective Date March 3, 2015 Document Summary Title: Risk and Information Security Committee Charter Policy Owner: Risk and Information Security Committee

More information

FFIEC Cybersecurity Assessment Tool

FFIEC Cybersecurity Assessment Tool Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,

More information

11/12/2013. Role of the Board. Risk Appetite. Strategy, Planning and Performance. Risk Governance Framework. Assembling an effective team

11/12/2013. Role of the Board. Risk Appetite. Strategy, Planning and Performance. Risk Governance Framework. Assembling an effective team Role of the Board Risk Appetite Strategy, Planning and Performance Risk Governance Framework Assembling an effective team Role of the CEO Accountability and Disclosure 1 Board members should act on a fully

More information

Data Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322

Data Center Assistance Group, Inc. DCAG Contact: Tom Bronack Phone: (718) 591-5553 Email: bronackt@dcag.com Fax: (718) 380-7322 Business Continuity and Disaster Recovery Job Descriptions Table of Contents Business Continuity Services Organization Chart... 2 Director Business Continuity Services Group... 3 Manager of Business Recovery

More information

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

More information

BUSINESS CONTINUITY POLICY

BUSINESS CONTINUITY POLICY BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility

More information

CLASSIFICATION SPECIFICATION FORM

CLASSIFICATION SPECIFICATION FORM www.mpi.mb.ca CLASSIFICATION SPECIFICATION FORM Human Resources CLASSIFICATION TITLE: POSITION TITLE: (If different from above) DEPARTMENT: DIVISION: LOCATION: Executive Director Executive Director, Information

More information

April 8, 2013. Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899

April 8, 2013. Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 Salt River Project P.O. Box 52025 Mail Stop: CUN204 Phoenix, AZ 85072 2025 Phone: (602) 236 6011 Fax: (602) 629 7988 James.Costello@srpnet.com James J. Costello Director, Enterprise IT Security April 8,

More information

Vendor Risk Management Financial Organizations

Vendor Risk Management Financial Organizations Webinar Series Vendor Risk Management Financial Organizations Bob Justus Chief Security Officer Allgress Randy Potts Managing Consultant FishNet Security Bob Justus Chief Security Officer, Allgress Current

More information

FRAUD CONTROL POLICY

FRAUD CONTROL POLICY FRAUD CONTROL POLICY Contents Fraud Control Policy 1 Leadership Message 4 1.1 Purpose 4 1.2 Definitions 4 1.3 Policy Objectives and Scope 4 2 Governance and Professional Ethics Statement 5 2.1 Code of

More information

Homeland Security for Schools: Threat Status Alert Worksheet

Homeland Security for Schools: Threat Status Alert Worksheet for Schools: Threat Status Alert Worksheet The Green Alert Status reflects a low risk of terrorist attacks. The primary goal of a safe school plan is to safeguard schools against crime, violence and disruption.

More information

GLOBAL SECURITY, RISK MANAGEMENT AND MITIGATION

GLOBAL SECURITY, RISK MANAGEMENT AND MITIGATION C A PA B I L I T I E S OV E R V I E W GLOBAL SECURITY, RISK MANAGEMENT AND MITIGATION AT-RISK International provides threat analysis, protection, consulting, investigations and security training in the

More information

THE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, 2013. February 12, 2013

THE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, 2013. February 12, 2013 THE WHITE HOUSE Office of the Press Secretary For Immediate Release February 12, 2013 February 12, 2013 PRESIDENTIAL POLICY DIRECTIVE/PPD-21 SUBJECT: Critical Infrastructure Security and Resilience The

More information

DTCC RISK COMMITTEE CHARTER

DTCC RISK COMMITTEE CHARTER DTCC RISK COMMITTEE CHARTER Purpose The ability to identify, manage and mitigate risk is fundamental to the services that The Depository Trust & Clearing Corporation ( DTCC ) provides to its members and

More information

Federal Bureau of Investigation s Integrity and Compliance Program

Federal Bureau of Investigation s Integrity and Compliance Program Evaluation and Inspection Division Federal Bureau of Investigation s Integrity and Compliance Program November 2011 I-2012-001 EXECUTIVE DIGEST In June 2007, the Federal Bureau of Investigation (FBI) established

More information

Business Continuity Management Framework 2014 2017

Business Continuity Management Framework 2014 2017 Business Continuity Management Framework 2014 2017 Blackpool Council Business Continuity Framework V3.0 Page 1 of 13 CONTENTS 1.0 Forward 03 2.0 Administration 04 3.0 Policy 05 4.0 Business Continuity

More information

White Paper on Financial Institution Vendor Management

White Paper on Financial Institution Vendor Management White Paper on Financial Institution Vendor Management Virtually every organization in the modern economy relies to some extent on third-party vendors that facilitate business operations in a wide variety

More information

Cyber security: everybody s imperative. A guide for the C-suite and boards on guarding against cyber risks

Cyber security: everybody s imperative. A guide for the C-suite and boards on guarding against cyber risks Cyber security: everybody s imperative A guide for the C-suite and boards on guarding against cyber risks Secure Enhance risk-prioritized controls to protect against known and emerging threats, and comply

More information

CYBER SECURITY GUIDANCE

CYBER SECURITY GUIDANCE CYBER SECURITY GUIDANCE With the pervasiveness of information technology (IT) and cyber networks systems in nearly every aspect of society, effectively securing the Nation s critical infrastructure requires

More information

Legislative Language

Legislative Language Legislative Language SEC. 1. COORDINATION OF FEDERAL INFORMATION SECURITY POLICY. (a) IN GENERAL. Chapter 35 of title 44, United States Code, is amended by striking subchapters II and III and inserting

More information

FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-05. Cyber Risk Management Guidance. Purpose

FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-05. Cyber Risk Management Guidance. Purpose FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB 2014-05 Cyber Risk Management Guidance Purpose This advisory bulletin provides Federal Housing Finance Agency (FHFA) guidance on cyber risk management.

More information

Enhancing business resilience: Transforming cyber risk management through the role of the Chief Risk Officer (CRO)

Enhancing business resilience: Transforming cyber risk management through the role of the Chief Risk Officer (CRO) www.pwc.com/financialservices Enhancing business resilience: Transforming cyber risk management through the role of the Chief Risk Officer (CRO) December 2015 Contents Introduction 4 1 Many institutions

More information

Business Continuity Management

Business Continuity Management Business Continuity Management Policy Statement & Strategy July 2009 Basildon District Council Business Continuity Management Policy Statement The Council is committed to ensuring robust and effective

More information

Global Security Program Overview

Global Security Program Overview STATE STREET GLOBAL SECURITY Global Security Program Overview ASIS International Kansas City Chapter March 5, 2015 Stephen D Baker CPP Vice President & Deputy Chief Security Officer About State Street

More information

Audit of NRC s Network Security Operations Center

Audit of NRC s Network Security Operations Center Audit of NRC s Network Security Operations Center OIG-16-A-07 January 11, 2016 All publicly available OIG reports (including this report) are accessible through NRC s Web site at http://www.nrc.gov/reading-rm/doc-collections/insp-gen

More information

Organizational Security Track FAQ

Organizational Security Track FAQ Organizational Security Track FAQ What do organizational security management professionals do? Organizational security management professionals are employed by organizations (corporations, partnerships,

More information

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012

GUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012 GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental

More information

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity October 10, 2014 Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 RE: Experience with the Framework for Improving Critical Infrastructure

More information

BCP and DR. P K Patel AGM, MoF

BCP and DR. P K Patel AGM, MoF BCP and DR P K Patel AGM, MoF Key difference between BS 25999 and ISO 22301 ISO 22301 puts a much greater emphasis on setting the objectives, monitoring performance and metrics aligning BC to top management

More information

Enterprise Security Tactical Plan

Enterprise Security Tactical Plan Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise

More information

Guide for the Role and Responsibilities of an Information Security Officer Within State Government

Guide for the Role and Responsibilities of an Information Security Officer Within State Government Guide for the Role and Responsibilities of an Information Security Officer Within State Government Table of Contents Introduction 3 The ISO in State Government 4 Successful ISOs Necessary Skills and Abilities

More information

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY CLOSING THE DOOR TO CYBER ATTACKS Cybersecurity and information security have become key challenges for

More information

2 Gabi Siboni, 1 Senior Research Fellow and Director,

2 Gabi Siboni, 1 Senior Research Fellow and Director, Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,

More information

Regulatory Compliance Management for Energy and Utilities

Regulatory Compliance Management for Energy and Utilities Regulatory Compliance Management for Energy and Utilities The Energy and Utility (E&U) sector is transforming as enterprises are looking for ways to replace aging infrastructure and create clean, sustainable

More information

Security Management Systems (SEMS) for Air Transport Operators. Executive Summary

Security Management Systems (SEMS) for Air Transport Operators. Executive Summary Security Management Systems (SEMS) for Air Transport Operators Executive Summary March 2011 Security Management Systems (SeMS) for Air Transport Operators Introduction and Scope Executive Summary In early

More information

Information Security Policy. Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services

Information Security Policy. Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services Information Security Policy Document ID: 3809 Version: 1.0 Owner: Chief Security Officer, Security Services Contents 1 Purpose / Objective... 1 1.1 Information Security... 1 1.2 Purpose... 1 1.3 Objectives...

More information

BEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT

BEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT BEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT Northrop Grumman Corporation Trusted, Innovative, World-Class Supply Chain INTERVIEWS Kevin Engfer Director, Supplier Mission Assurance, Northrop Grumman

More information

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015

Cybersecurity: Considerations for Internal Audit. IIA Atlanta Chapter Meeting January 9, 2015 Cybersecurity: Considerations for Internal Audit IIA Atlanta Chapter Meeting January 9, 2015 Agenda Key Risks Incorporating Internal Audit Resources for Internal Auditors Questions 2 Key Risks 3 4 Key

More information

PRIORITIZING CYBERSECURITY

PRIORITIZING CYBERSECURITY April 2016 PRIORITIZING CYBERSECURITY Five Investor Questions for Portfolio Company Boards Foreword As the frequency and severity of cyber attacks against global businesses continue to escalate, both companies

More information

Business Continuity Policy and Business Continuity Management System

Business Continuity Policy and Business Continuity Management System Business Continuity Policy and Business Continuity Management System Summary: This policy sets out the structure for ensuring that the PCT has effective Business Continuity Plans in place in order to maintain

More information

Certified Identity and Access Manager (CIAM) Overview & Curriculum

Certified Identity and Access Manager (CIAM) Overview & Curriculum Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management

More information

The Next Generation of Security Leaders

The Next Generation of Security Leaders The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish

More information

2015 CEO & Board University Cybersecurity on the Rise. Matthew J. Putvinski, CPA, CISA, CISSP

2015 CEO & Board University Cybersecurity on the Rise. Matthew J. Putvinski, CPA, CISA, CISSP 2015 CEO & Board University Cybersecurity on the Rise Matthew J. Putvinski, CPA, CISA, CISSP MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2011 Wolf & Company, P.C. About Wolf

More information

El Camino College Homeland Security Spring 2016 Courses

El Camino College Homeland Security Spring 2016 Courses El Camino College Homeland Security Spring 2016 Courses With over 250,000 federal positions in Homeland Security and associated divisions, students may find good career opportunities in this field. Explore

More information

ICBA Summary of FFIEC Cybersecurity Assessment Tool

ICBA Summary of FFIEC Cybersecurity Assessment Tool ICBA Summary of FFIEC Cybersecurity Assessment Tool July 2015 Contact: Jeremy Dalpiaz Assistant Vice President Cyber Security and Data Security Policy Jeremy.Dalpiaz@icba.org www.icba.org ICBA Summary

More information

CyberSecurity Solutions. Delivering

CyberSecurity Solutions. Delivering CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions

More information

Emergency Preparedness: Learning Objectives. Minimizing and Controlling Future Disasters. SHRM Disaster Preparedness Survey 3.

Emergency Preparedness: Learning Objectives. Minimizing and Controlling Future Disasters. SHRM Disaster Preparedness Survey 3. Emergency Preparedness: 1 Minimizing and Controlling Future Disasters October 7-8, 2013 Presenter: Marna Hayden, SPHR Hayden Resources Inc. www.haydenhr.com Learning Objectives How to develop emergency

More information

Travel Emergency, Risk Mitigation, and Duty of Care Considerations and Tools for Today s Challenging World

Travel Emergency, Risk Mitigation, and Duty of Care Considerations and Tools for Today s Challenging World Travel Emergency, Risk Mitigation, and Duty of Care Considerations and Tools for Today s Challenging World Savings. Solutions. Systems. Presenters: Mike MacNair, President & CEO of MacNair Travel Management

More information

Cybersecurity Enhancement Account. FY 2017 President s Budget

Cybersecurity Enhancement Account. FY 2017 President s Budget Cybersecurity Enhancement Account FY 2017 President s Budget February 9, 2016 Table of Contents Section 1 Purpose... 3 1A Mission Statement... 3 1.1 Appropriations Detail Table... 3 1B Vision, Priorities

More information

Business Continuity Position Description

Business Continuity Position Description Position Description February 9, 2015 Position Description February 9, 2015 Page i Table of Contents General Characteristics... 2 Career Path... 3 Explanation of Proficiency Level Definitions... 8 Summary

More information

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity Cyber ROI A practical approach to quantifying the financial benefits of cybersecurity Cyber Investment Challenges In 2015, global cybersecurity spending is expected to reach an all-time high of $76.9

More information

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the

Remarks by. Carolyn G. DuChene Deputy Comptroller Operational Risk. at the Remarks by Carolyn G. DuChene Deputy Comptroller Operational Risk at the Bank Safety and Soundness Advisor Community Bank Enterprise Risk Management Seminar Washington, D.C. October 22, 2012 Good afternoon,

More information

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC. Experience the commitment WHITE PAPER Information Security Continuous Monitoring Charting the Right Course May 2014 cgi.com 2014 CGI GROUP INC. During the last few months of 2013, six federal agencies

More information

Global Statement of Business Continuity

Global Statement of Business Continuity Business Continuity Management Version 1.0-2014 Date October 18, 2014 Status Author Business Continuity Management (BCM) Page 1 of 8 Table of Contents 1. Credit Suisse Business Continuity Statement 3 2.

More information

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan

EMERGENCY PREPAREDNESS PLAN Business Continuity Plan EMERGENCY PREPAREDNESS PLAN Business Continuity Plan GIS Bankers Insurance Group Powered by DISASTER PREPAREDNESS Implementation Small Business Guide to Business Continuity Planning Surviving a Catastrophic

More information

LAW ENFORCEMENT PROGRAM ACCREDITATION MANAGER (PROGRAM SPECIALIST 4)

LAW ENFORCEMENT PROGRAM ACCREDITATION MANAGER (PROGRAM SPECIALIST 4) From: To: Subject: Date: Galvan, Jodie Galvan, Jodie Emailing: Job Bulletin Tuesday, June 30, 2015 10:15:40 AM State of Washington Dept. of Fish and Wildlife invites applications for the position of: Accreditation

More information

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide COUNTERINTELLIGENCE O F F I C E O F T H E N A T I O N A L C O U N T E R I N T E L L I G E N C E Protecting Key Assets: A Corporate Counterintelligence Guide E X E C U T I V E Counterintelligence for the

More information

Birmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy

Birmingham CrossCity Clinical Commissioning Group. Business Continuity Management Policy Birmingham CrossCity Clinical Commissioning Group Business Continuity Management Policy Version V1.0 Ratified by Operational Development Group Date ratified 6 th November 2014 Name of originator / author

More information

Standards for the Professional Practice of Internal Auditing

Standards for the Professional Practice of Internal Auditing Standards for the Professional Practice of Internal Auditing THE INSTITUTE OF INTERNAL AUDITORS 247 Maitland Avenue Altamonte Springs, Florida 32701-4201 Copyright c 2001 by The Institute of Internal Auditors,

More information

ENTERPRISE RISK MANAGEMENT FRAMEWORK

ENTERPRISE RISK MANAGEMENT FRAMEWORK ENTERPRISE RISK MANAGEMENT FRAMEWORK COVENANT HEALTH LEGAL & RISK MANAGEMENT CONTENTS 1.0 PURPOSE OF THE DOCUMENT... 3 2.0 INTRODUCTION AND OVERVIEW... 4 3.0 GOVERNANCE STRUCTURE AND ACCOUNTABILITY...

More information

FCPA 10 Hallmarks Self- Assessment

FCPA 10 Hallmarks Self- Assessment FCPA 10 Hallmarks Self- Assessment How exposed is your business to corruption risk? Take this assessment to find out if your systems are sufficiently robust to protect your business October 2014 Prepared

More information

KING III CORPORATE GOVERNANCE COMPLIANCE REGISTER

KING III CORPORATE GOVERNANCE COMPLIANCE REGISTER KING III CORPORATE GOVERNANCE REGISTER CHAPTER 1: ETHICAL LEADERSHIP AND CORPORATE CITIZENSHIP NON 1.1. The board should provide effective leadership based on an ethical foundation 1.2. The board should

More information

ASSE On-Site Seminar Course Selections

ASSE On-Site Seminar Course Selections ASSE On-Site Seminar Course Selections - SAFETY & HEALTH MANAGEMENT - Safety Management Part I: Fundamental Concepts An excellent basic seminar. This seminar suggests fundamental elements that form an

More information

OCCUPATIONAL STANDARD (For use in the development of supply chain related job descriptions, performance evaluations, career development plans, etc.

OCCUPATIONAL STANDARD (For use in the development of supply chain related job descriptions, performance evaluations, career development plans, etc. OCCUPATIONAL STANDARD (For use in the development of supply chain related job descriptions, performance evaluations, career development plans, etc.) Description of Position (As defined by the CSCSC Stakeholder

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

Board Governance Principles Amended September 29, 2012 Tyco International Ltd.

Board Governance Principles Amended September 29, 2012 Tyco International Ltd. BOD Approved 9/13/12 Board Governance Principles Amended September 29, 2012 Tyco International Ltd. 2012 Tyco International, Ltd. - Board Governance Principles 1 TABLE OF CONTENTS TYCO VISION AND VALUES...

More information

Internal Auditing: Assurance, Insight, and Objectivity

Internal Auditing: Assurance, Insight, and Objectivity Internal Auditing: Assurance, Insight, and Objectivity WHAT IS INTERNAL AUDITING? INTERNAL AUDITING business people all around the world are familiar with the term. But do they understand the value it

More information

Performs the Federal coordination role for supporting the energy requirements associated with National Special Security Events.

Performs the Federal coordination role for supporting the energy requirements associated with National Special Security Events. ESF Coordinator: Energy Primary Agency: Energy Support Agencies: Agriculture Commerce Defense Homeland Security the Interior Labor State Transportation Environmental Protection Agency Nuclear Regulatory

More information

www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse PwC Finland Forensic Services

www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse PwC Finland Forensic Services www.pwc.fi We believe successful global organisations can confront fraud, corruption and abuse Finland Who are we? Bring a robust forensics team to the table to support your organisation Our practice can

More information

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015 The following consists of the joint explanatory statement to accompany the Cybersecurity Act of 2015. This joint explanatory statement

More information

Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org

Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org Cybersecurity Credentials Collaborative (C3) cybersecuritycc.org October 2015 Collaboration Members Certification Matters The Cybersecurity Credentials Collaborative (C3) was formed in 2011 to provide

More information

www.pwc.com Surviving Contact with Reality Crisis exercises as a key element of cyber incident and crisis management response.

www.pwc.com Surviving Contact with Reality Crisis exercises as a key element of cyber incident and crisis management response. www.pwc.com Surviving Contact with Reality Crisis exercises as a key element of cyber incident and crisis management response. What Happened to the Dinosaurs Avoiding the Extinction- Level Event Corporations

More information

An Overview of Large US Military Cybersecurity Organizations

An Overview of Large US Military Cybersecurity Organizations An Overview of Large US Military Cybersecurity Organizations Colonel Bruce D. Caulkins, Ph.D. Chief, Cyber Strategy, Plans, Policy, and Exercises Division United States Pacific Command 2 Agenda United

More information

Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS. www.fic.gov.bc.ca

Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS. www.fic.gov.bc.ca Governance Guideline SEPTEMBER 2013 BC CREDIT UNIONS www.fic.gov.bc.ca INTRODUCTION The Financial Institutions Commission 1 (FICOM) holds the Board of Directors 2 (board) accountable for the stewardship

More information

Database and Marketing Insight Officer

Database and Marketing Insight Officer Database and Marketing Insight Officer Job Description Job Title: Database and Marketing Insight Officer Reports to: Head of Marketing & Communications Close liaison with: Head of Donor Development Salary:

More information

TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS

TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS INTRODUCTION The purpose of this document is to list the aligned with each in the Texas Homeland Security Strategic Plan 2015-2020 (THSSP).

More information

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event

More information

ASAE s Job Task Analysis Strategic Level Competencies

ASAE s Job Task Analysis Strategic Level Competencies ASAE s Job Task Analysis Strategic Level Competencies During 2013, ASAE funded an extensive, psychometrically valid study to document the competencies essential to the practice of association management

More information

Italy. EY s Global Information Security Survey 2013

Italy. EY s Global Information Security Survey 2013 Italy EY s Global Information Security Survey 2013 EY s Global Information Security Survey 2013 This year s survey our 16th edition captures the responses of 1,909 C-suite and senior level IT and information

More information

CYBER SECURITY INFORMATION SHARING & COLLABORATION

CYBER SECURITY INFORMATION SHARING & COLLABORATION Corporate Information Security CYBER SECURITY INFORMATION SHARING & COLLABORATION David N. Saul Senior Vice President & Chief Scientist 28 June 2013 Discussion Flow The Evolving Threat Environment Drivers

More information

NIST Cybersecurity Framework & A Tale of Two Criticalities

NIST Cybersecurity Framework & A Tale of Two Criticalities NIST Cybersecurity Framework & A Tale of Two Criticalities Vendor Management & Incident Response Presented by: John H Rogers, CISSP Advisory Services Practice Manager john.rogers@sagedatasecurity.com Presented

More information

Business Continuity Policy

Business Continuity Policy Business Continuity Policy Page 1 of 15 Business Continuity Policy First published: Amendment record Version Date Reviewer Comment 1.0 07/01/2014 Debbie Campbell 2.0 11/07/14 Vicky Ryan Updated to include

More information

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial

More information

Business Continuity and Disaster Planning

Business Continuity and Disaster Planning WHITE PAPER Business Continuity and Disaster Planning A guide to preparing for the unexpected Robert Drewniak Director, Strategic & Advisory Services Disasters are not always the result of high winds and

More information

ACCOUNTING CLERK Position Code: PRAC. ASST. AIRCRAFT TECHNICAL SPECIALIST Position Code: PRAATS. BUSINESS ANALYST Position Code: PRBA

ACCOUNTING CLERK Position Code: PRAC. ASST. AIRCRAFT TECHNICAL SPECIALIST Position Code: PRAATS. BUSINESS ANALYST Position Code: PRBA ACCOUNTING CLERK Position Code: PRAC Support accounting operations by filing documents and reconciling statements in a timely and efficient manner; has understanding on General Accounting procedures; can

More information

Executive Management of Information Security

Executive Management of Information Security WHITE PAPER Executive Management of Information Security _experience the commitment Entire contents 2004, 2010 by CGI Group Inc. All rights reserved. Reproduction of this publication in any form without

More information

Aligning Compliance Program Priorities with Business Objectives

Aligning Compliance Program Priorities with Business Objectives Aligning Compliance Program Priorities with Business Objectives By Jay G. Martin Vice President, Chief Compliance Officer and Senior Deputy General Counsel Baker Hughes Incorporated CAIL Institute for

More information

Address C-level Cybersecurity issues to enable and secure Digital transformation

Address C-level Cybersecurity issues to enable and secure Digital transformation Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,

More information

Manager, Corporate Planning & Reporting BC Oil & Gas Commission, Victoria Applied Leadership. Office of the Commissioner - Corporate Affairs

Manager, Corporate Planning & Reporting BC Oil & Gas Commission, Victoria Applied Leadership. Office of the Commissioner - Corporate Affairs Manager, Corporate Planning & Reporting BC Oil & Gas Commission, Victoria Applied Leadership Office of the Commissioner - Corporate Affairs The Manager, Corporate Planning & Reporting is responsible for

More information

FINRA Publishes its 2015 Report on Cybersecurity Practices

FINRA Publishes its 2015 Report on Cybersecurity Practices Securities Litigation & Enforcement Client Service Group and Data Privacy & Security Team To: Our Clients and Friends February 12, 2015 FINRA Publishes its 2015 Report on Cybersecurity Practices On February

More information

Cybersecurity The role of Internal Audit

Cybersecurity The role of Internal Audit Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government

More information

fs viewpoint www.pwc.com/fsi

fs viewpoint www.pwc.com/fsi fs viewpoint www.pwc.com/fsi June 2013 02 11 16 21 24 Point of view Competitive intelligence A framework for response How PwC can help Appendix It takes two to tango: Managing technology risk is now a

More information

Title: Executive Associate to CEO & General Counsel Manager: President & CEO. Department: Executive FLSA Status: Exempt ABOUT HUMANITY UNITED:

Title: Executive Associate to CEO & General Counsel Manager: President & CEO. Department: Executive FLSA Status: Exempt ABOUT HUMANITY UNITED: Title: Executive Associate to CEO & General Counsel Manager: President & CEO Department: Executive FLSA Status: Exempt ABOUT HUMANITY UNITED: Humanity United is a foundation committed to building peace

More information