Chief Information Security Officer

**The Company**

Gentrack provides leading utilities across the world with innovative cleantech solutions. The global pace of change is accelerating, and utilities need to rebuild for a more sustainable future. Working with some of the world’s biggest energy and water companies, as well as innovative challenger brands, we are helping companies reshape what it means to be a utilities business. We are driven by our passion to create positive impact. That is why utilities rely on us to drive innovation, deliver great customer experiences, and secure profits. Together, we are renewing utilities.

**Our Values and Culture**

Colleagues at Gentrack are one big team, working together to drive efficiency in two of the planet’s most precious resources, energy, and water. We are passionate people who want to drive change through technology and believe in making a difference. Our values drive decisions and how we interact and communicate with customers, partners, shareholders, and each other. Our core values are:

- Respect for the planet
- Respect for our customers and
- Respect for each other

Gentrackers are a group of smart thinkers and dedicated doers. We are a diverse team who love our work and the people we work with and who collaborate and inspire each other to deliver creative solutions that make our customers successful. We are a team that shares knowledge, asks questions, raises the bar, and are expert advisers. At Gentrack we care about doing honest business that is good for not just customers but families, communities, and ultimately the planet. Gentrackers continuously look for a better way and drive quality into everything they do.

This is a truly exciting time to join Gentrack with a clear growth strategy and a world class leadership team working to fulfil Gentrack’s global aspirations by having the most talented people, an inspiring culture, and a technology first, people centric business.

**The Opportunity**

The information security team spread across the APAC and EMEA regions are responsible for maintaining, and supporting the cyber security, data protection and compliance function across both our group organisation and the services we provide to our customers. With the key objective of ensuring its stable operation, risk mitigation reputation protection and efficiency.

You will develop and maintain an information security budget. Research emerging security threats and vulnerabilities and advise management on appropriate countermeasures. Create and implement strategic plans to secure the company's and our customers ICT infrastructure, systems and data. Perform risk assessment and vulnerability analysis.

You will provide guidance on our cybersecurity program on a strategic level and ensure we remain compliant with cybersecurity and data privacy standards, policy, regulations, and legislation.

You will ensure that the objectives of our organisation’s cybersecurity and data protection programs are in line with the goals of our group organisation.

You will communicate with key stakeholders. In providing them with intelligence on key cybersecurity trends. For example, providing the board of directors or senior executives with information like; the security risk profile of our group organisation, any cybersecurity improvements in motion, notable cybersecurity incidents and the return on investment on past cybersecurity initiatives.

You will work closely with other teams across Gentrack group as well as our third parties, suppliers, and vendors to ensure that we meet our information security goals.

**The Specifics**
- Provide strategic leadership and direction in ensuring the security of the organisation across all business units and subsidiaries. Overseeing the Information Security and Cyber Security process for the group companies.
- Assessing and identifying the potential cybersecurity risks that may impact the reputation, security, and financial prosperity of the group companies.
- Championing Cybersecurity training and awareness throughout the group companies.
- Manage incident response, to any security breach.
- During a security incident, it is your responsibility to bring a level of clarity to the critical internal and external stakeholders. To be able to communicate information regarding incident response effectively to upper-level management.
- Implement business continuity and disaster recovery plans
- Ensure that consistent vendor management processes are in place to mitigate these information security risks by assessing supply chain cyber threats and provide stakeholders with an understanding of the information security impacts of entering into vendor relationships.
- Manage the budget for our information security program efficiently and effectively.
- Assessments of new security platforms/software.
- Oversee compliance programs including SOC2, ISO27001 and GDPR
- Keep up to date with information security industry trends and development.
- Overseeing the Information Security a