Job Description
Responsibilities :
Accountabilities /Job Duties• Steers and manages the definition of information technology security processes & policies, methods & systems
• Steers and manages the process of auditing technology vendors from security perspective
• Steers and manages the monitoring of technology systems and networks for incidents & violations and technology security metrics compliance
• Steers and manages the identification and escalation of technology security incidents
• Steers and manages the identification and report of general technology security risks and develop case for change
• Steers and manages the development & delivery of technology security trainings for different stakeholders
• Steers and manages the implementation of technology security initiatives
• Steers and manages the definition and maintenance of data governance standards & policies (data definition, usage, security, structure)
• Steers and manages the alignment of data protection procedures to business needs
• Steers and manages the review of legal and regulatory compliance of data management & protection
• Steers and manages the implementation of data protection controls and monitor data security
• Steers and manages the assessment & monitoring of data protection & vulnerability metrics to ensure organization's protection
Requirements :
• 5+ years of work experience in Information Security with governance, risk and compliance in IT, bank or telecom industry.• Strong understanding of information security risk management including risk analysis, mitigation, resolution and acceptance.
• Experience in implementation of Information security management system, based on international standards.
• Knowledge of IT and control systems including cryptography, vulnerability assessment, SIEM, DLP, and exploitation techniques.
• Demonstrated experience with security frameworks and security management including knowledge of business continuity, incident management.
• Security certification, such as a CISSP, CISM, CISA, CEH, ISO27001/2, or other similar credentials, is desirable.
• Strong understanding of customer privacy, local privacy/information security legislation and GDPR.
• Ability to communicate security risk in business terms and resolve conflicts between security and business objectives.
• Excellent communication, interpersonal and relationship management skills.
• Experience in leading and managing teams.
• Experience in IT project management, ability to manage multiple projects simultaneously.
• Knowledge with IT concepts with databases and operating systems.
• Knowledge of Information Security policies and procedures based on best practice
• Excellent documentation and organizational skills.