Accountabilities /Job Duties
• Steers and manages the definition of information technology security processes & policies, methods & systems
• Steers and manages the process of auditing technology vendors from security perspective
• Steers and manages the monitoring of technology systems and networks for incidents & violations and technology security metrics compliance
• Steers and manages the identification and escalation of technology security incidents
• Steers and manages the identification and report of general technology security risks and develop case for change
• Steers and manages the development & delivery of technology security trainings for different stakeholders
• Steers and manages the implementation of technology security initiatives
• Steers and manages the definition and maintenance of data governance standards & policies (data definition, usage, security, structure)
• Steers and manages the alignment of data protection procedures to business needs
• Steers and manages the review of legal and regulatory compliance of data management & protection
• Steers and manages the implementation of data protection controls and monitor data security
• Steers and manages the assessment & monitoring of data protection & vulnerability metrics to ensure organization's protection
• 5+ years of work experience in Information Security with governance, risk and compliance in IT, bank or telecom industry.
• Strong understanding of information security risk management including risk analysis, mitigation, resolution and acceptance.
• Experience in implementation of Information security management system, based on international standards.
• Knowledge of IT and control systems including cryptography, vulnerability assessment, SIEM, DLP, and exploitation techniques.
• Demonstrated experience with security frameworks and security management including knowledge of business continuity, incident management.
• Security certification, such as a CISSP, CISM, CISA, CEH, ISO27001/2, or other similar credentials, is desirable.
• Strong understanding of customer privacy, local privacy/information security legislation and GDPR.
• Ability to communicate security risk in business terms and resolve conflicts between security and business objectives.
• Excellent communication, interpersonal and relationship management skills.
• Experience in leading and managing teams.
• Experience in IT project management, ability to manage multiple projects simultaneously.
• Knowledge with IT concepts with databases and operating systems.
• Knowledge of Information Security policies and procedures based on best practice
• Excellent documentation and organizational skills.