Tototheo Maritime is seeking a Head of Information Security to join their Technology Team. The Head of Information Security is responsible for providing the vision and oversight necessary to ensure the confidentiality, integrity, and availability of the company’s customer, partner, employee, and business information by assessing risk, articulating it clearly, and creating mitigation strategies according to the organization’s risk appetite and regulatory environments.
Main Duties and Responsibilities:
- Definition, implementation, and constant evaluation of the Information Security Management system.
- Conducts constantly evolving risk assessments for all new and existing systems and facilitates the implementation of effective remediation controls.
- Communicates risks and recommendations to mitigate risks in a clear and concise format, enabling board-level informed decisions to be taken.
- Develops engaging information security training and education road maps, to foster and increase information security awareness in the organization.
- Ensure that disaster recovery and business continuity plans are in place and tested.
- Review, improve, and amend existing security policies ensuring compliance with regulatory frameworks and standards.
- Lead the incident response capability, conduct forensic analysis, threat hunting, and organize post-mortem investigations.
- Maintain a current understanding of the IT threat landscape for the industry.
- Ensure compliance with the evolving laws and applicable regulations.
- Schedule periodic security internal audits.
- Make sure that Information Security policies and procedures are communicated to all personnel and that compliance is enforced.
- Provide training and mentoring to information security team members.
- Work with the Chief Technology Officer to develop a holistic Information Security strategy, leveraging new technologies and accounting for threat information.
- Define and implement a road map towards ISO 27001 certification.
- In collaboration with the Commercial Unit, establish the company’s Information Security Services commercial offering and support the customer-facing sales team as and when requested.
- Maintain an up to date knowledge and understanding of the company’s commercial offerings (i.e. products and services) to effectively manage risks related to information security and ensure the company’s products and services comply with applicable laws and regulations with regards to information security.
- Excellent knowledge of the English Language.
- Excellent communication skills (written and oral).
- Ability to express and communicate thoughts in a clear and organized manner.
- Detail-oriented, accuracy, and well-organized, with the ability to effectively manage a high-volume workload.
- Ability to work collaboratively across departmental functions.
- Self-motivated with the ability to take initiative and work independently.
- Excellent coordination skills.
- Able to multitask.
- Proven ability to be flexible and work hard, both independently and in a team environment, in a high-pressure on-call environment with changing priorities.
- Sound judgment and ability to analyze situations and information.
- A high degree of professional ethics and integrity.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, NIST.
- Sound understanding of regulatory frameworks such as GDPR/CCPA/PCI and maritime IMO.
- Previous experience in a similar position in the maritime industry will be considered an advantage.
- At least 3 years’ experience in a similar position.
- One or more of CISSP/CISM/ISO auditor/CISA/CCSP certifications.
- A Degree in Information Security or other related fields.
If you feel that this position matches your profile please send your CV quoting the job title to the following email firstname.lastname@example.org
About Tototheo Maritime:
Tototheo Maritime specializes in maritime technologies and services with the goal of optimizing vessel and fleet performance. Their services include innovative, efficient and functional solutions in the fields of satellite communication, navigation systems and digitalization services starting from pre-sales consultancy all through onboard installation and maintenance and after-sales support. Headquarters are in Cyprus with branch offices in Greece, Dubai and Singapore. Tototheo Maritime offers its products and services through direct and indirect channels to ship operators within merchant shipping, the offshore, yachting as well as the fishing industries. They also cater to government and land communication users with mobile and fixed solutions. Furthermore, Tototheo is investing in research and development, providing fit-for-purpose solutions for the maritime industry in general and specifically for vessels’ safe, efficient and environmentally friendly navigation/operation.