Quality Information Security Manager

DNV GL Energy North Americas (ENA) is seeking a Quality Information Security Manager to promote a cultural environment of shared responsibility that serves as technical advisor in an efficient, effective, and customer focused manner while maintaining, administrating, and improving DNV GL Management Systems (DMS) which combines Quality and Information Security aspects, as well as acting as the first liaison point for information requests in the ENA region to ensure compliance with company and market standards. The QIS Manager reports directly to the ENA Regional Human Resources Manager. This position will be specifically responsible for managing the company efforts to maintain ISO certifications 9001, 27001. Other duties will include providing relevant employees trainings, conducting internal/external audits as required, responding to Customer RFP questionnaires, and handling the reporting of regional QIS performance.

Tasks May Include:

Planning function:

• Support Regional management during the development of annual operating and tactical plans, planning of management system reviews and the development of QIS related KPIs and goals
• Liaise with the Energy Business area QIS Manager on common QIS issues and improvement opportunities
• Network with regional QHSSE coordinators to provide regional/ specific input to support implementation of Group Global/Country-wide initiatives
• Develop the QIS audit program that supports a suitable level of QIS governance for the region;
• Elaborate and implement appropriate communication strategy to ensure buy-in and compliance from all staff and sub-contractors
• Prepare inputs/communication plans related to the Management System in the region
• Prepare training and training plans to promote information security culture
• Maintain ENA information security policies and insure alignment with DMS policies

Operational function:

• Promote the use of the internal management system and ensure technical, procedural and policy documentation of DMS is up to date and in line with applicable regulation in North America
• Maintain information security risk register for ENA. Participate in, and review risk assessments for higher risk activities as required
• Provide technical support to respond to client security reviews and business development proposals
• Assist and/or perform internal/external ENA regional audits as required, in alignment with DNV GL – Energy’s audit program and ensure successful outcomes of audits performed
• Anticipate possible operational risks or opportunities and work with management to ensure an appropriate and effective response
• Promote the use of DNV GL’s tool for follow-up of QIS events, i.e. through the Synergi Life internal system
• Provide QIS knowledge and/or skills-based trainings, webinars, Newsletter releases to operational managers and staff on an as needed basis to facilitate consistent application of standards and spread best practices
• Assist employees with security assessment of new processes, applications, systems and tools

Strategic Function:

• Foster a quality and security culture that supports the prevention of QIS incidents and quality events by leading the Leadership team in championing QIS activities and work processes
• Engage the workforce on QIS issues and concerns, to promote a work environment where employees identify, communicate quality issues and security vulnerabilities, and address them with appropriate actions
• Train employees in identifying security risks and mitigating actions

Monitoring function:

• Monitor new vulnerability notifications from external references, assess their applicability and to communicate internally or otherwise take appropriate actions to respond to new security threats
• Support the ENA Region with the establishment of QIS performance reports
• Monitor, report and follow-up on the regional QIS KPIs and effectiveness of the security controls and handling of events through the relevant tools (e.g. reviews quality and information security cases)
• Monitor close out of MS reviews and audits within prescribed timescales

Requirements

EDUCATION and/or EXPERIENCE 

• Bachelor’s degree or higher or in lieu of degree a minimum of 7 years of relevant experience (preferably in information systems security, cyber security, engineering, computer science or related discipline)
• Minimum of 5 years of hands-on experience in the field of quality management (QIS), including experience in implementing, monitoring and the administration of a successful QIS program

TECHNICAL & FUNDAMENTAL QUALIFICATIONS

• Knowledge and good understanding of ISO 9001/27001 standards and management system principles.
• Ability to carry out detailed, thorough review of an information security management system and systematic information security assessment and risk analysis
• Skilled in questioning and investigating to identify root causes
• Working knowledge use of Microsoft Office 365 Application Suite including EXCEL and Power BI
• Strong communication skills including, good listening, influencing and persuasive skills and ability to build effective working relationships with people at all levels
• Ability to design/build/maintain KPI reports, technical reports and commercial correspondence using standard DNV GL tools and systems
• Ability to manage multiple complex initiatives/projects at a time

CERTIFICATES, LICENSES, REGISTRATIONS

• Certification in either, ISO 9001 or ISO 27001 or equivalent is preferred; or commitment to obtain same
• Internal Auditor certification preferred
• Required valid driver license
• Required valid documentation to allow international travel

PHYSICAL DEMANDS AND WORK ENVIRONMENT

The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job.  Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Require the willingness and availability to travel occasionally (for a period of a few days to a week at a time) up to 15% annually, usually within North America, but may include an international trip from time to time
• We conduct a pre-employment background check and drug screen 

**Immigration-related employment benefits, for example visa sponsorship, are not available for this position**

Opportunities Beyond Business

Our mission is to safeguard life, property and the environment. By joining us, you will work towards our meaningful vision: to make a global impact for a safe and sustainable future. DNV GL offers a congenial working environment, competitive salaries, and an exceptional benefits package.

DNV GL is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to race, color, religion, age, sex, national origin, disability or veteran status.

Local employment conditions apply.

Please visit our website at www.dnvgl.com

Why would you want to work with us? Because within DNV GL our organizational culture, and more specifically how we collectively influence the world for future generations, matters deeply to us and those we support. Our team works every day to address climate change and positively impact society; endeavors to achieve our purpose through the success of our customers; and strives to be high-performing and innovative. Our approach reflects the equity, respect, and diversity we wish to see in the world.  

DNV GL is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without regard to gender, religion, race, national or ethnic origin, cultural background, social group, disability, sexual orientation, gender identity, marital status, age or political opinion. Diversity is fundamental to our culture and we invite you to be part of this diversity!