chief ICT security officer

Chief ICT security officers protect company and employee information against unauthorized access. They also define the Information System security policy, manage security deployment across all Information Systems and ensure the provision of information availability.

Scope note

Includes people performing corporate security functions.

Alternative Labels

chief ICT security officers

chief information security officer

CISO

cybersecurity programme director

head IT security officer

head of information security

head of IT security

ICT security officer

information security administrator

information security manager

information security officer

ISO

IT security officer

Regulatory Aspect

To see if and how this occupation is regulated in EU Member States, EEA countries or Switzerland please consult the Regulated Professions Database of the Commission. Regulated Professions Database:

http://ec.europa.eu/growth/single-market/services/free-movement-professionals/qualifications-recognition_en

Skills & Competences

Essential Skills and Competences

advice on security risk management communicate with stakeholders comply with legal regulations develop information security strategy educate on data confidentiality engage with stakeholders ensure adherence to organisational ICT standards ensure compliance with legal requirements ensure cross-department cooperation ensure information privacy establish an ICT security prevention plan establish an Information Security Management System forecast organisational risks identify ICT security risks implement ICT risk management implement ICT security policies implement corporate governance lead disaster recovery exercises maintain plan for continuity of operations manage IT security compliances manage disaster recovery plans manage system security monitor developments in field of expertise monitor technology trends utilise decision support system

Essential Knowledge

ICT network security risks ICT process quality models ICT project management ICT project management methodologies ICT safety ICT security legislation ICT security standards assessment of risks and threats attack vectors audit techniques cyber attack counter-measures cyber security data protection decision support systems ethical hacking principles ethics information confidentiality information security strategy internal risk management policy organisational resilience risk management security engineering

Optional Skills and Competences

apply operations for an ITIL-based environment assess ICT knowledge conduct impact evaluation of ICT processes on business coordinate technological activities create solutions to problems execute ICT audits identify legal requirements implement a firewall implement a virtual private network implement anti-virus software implement cloud security and compliance manage digital identity manage keys for data protection manage staff optimise choice of ICT solution protect personal data and privacy train employees use different communication channels

Optional Knowledge

ICT communications protocols ICT encryption ICT infrastructure ICT recovery techniques ICT system user requirements Internet of Things World Wide Web Consortium standards cloud monitoring and reporting cloud security and compliance cloud technologies computer forensics computer programming control objectives for information and related technology internet governance software anomalies web application security threats

Skills & Competences

Concept status

Concept Uri

http://data.europa.eu/esco/occupation/276ba420-ef09-4a0e-b215-2c2e2f80ad28

Status

released

Occupations