JOB PURPOSE:
To ensure the security of the company, customer and proprietary information, including information transmitted to and from the company environment, ensuring compliance with regulatory requirements, and for ensuring employees are familiar with general security awareness practices.
RESPONSIBILITIES
IT Governance Management
- Implementation of security measures that support the Information Security to ensure alignment with the organizational strategy
- Assist in the risk management process through the implementation of risk mitigation strategies based on Information Security best practice principles
- Review and provide input to business cases and Technology specification documents
- Ensure compliance with Information Security Policies, Procedures and Processes
- Participate in developing, implementing and maintaining Information Security
- Policies, processes and procedures based on industry standards and best practices
- Take appropriate measures to safeguard the company, customer and proprietary information from threats and vulnerabilities
- Assist colleagues in the implementation of security measures for internal customers
IT Governance Management
- Execution of performance of analysis, advisory services, and the maintenance of Information Security policy(s), standards, guidelines, and procedures that are deployed and or developed in support of computer operating systems and or applications used by the organization
- Support and deliver information security administration and provide technical and problem support to internal customers
- Assist in the definition and implementation of Information Security projects
IT Risk Management
- Monitor the Risk Register to ensure that clear mitigation strategies have been defined and that the implementation of the mitigation strategies are effective
- Facilitate audits, inspections, testing and/or reviews of relevant processes and management controls by various internal groups and external groups
- Compile and consolidate IT risk management registers and report to the Information Security Officer
- Ensure compliance with the Change and Release Management process
- Engage with internal and external stakeholders on IT risk management procedures
- Execution of the risk management tools and risk assessments to ensure accuracy and completeness of information and security practices
IT Disaster Recovery
- Assist with the development, implementation and testing of the Disaster
Recovery Strategy
- Ensure that the Disaster Recovery Plans (DRP) are aligned with the business defined recovery point and recovery time objectives
- Ensure that Disaster Recovery Plan tests conducted according to the agreed test plan
Management of IT Governance vendors
- Ensure that the supplier/vendor security management process is effective and based best practices and regulatory compliance
- Manage security related contracts and non-disclosure agreements with security suppliers, vendors and service providers
- Maintain professional relationships with security service providers
- Provide customer service to internal and external clients
Work Collaboratively
- Build a culture of respect and understanding across the organisation
- Recognise outcomes which resulted from effective collaboration between teams
- Build co-operation and overcome barriers to information sharing, communication and collaboration across the organisation
- Facilitate opportunities to engage and collaborate with external stakeholders to develop joint solutions
- Collaborate with other leaders to deliver a superior end to end customer experience
Education
- Bachelors’ degree or the equivalent diploma in Computer Science / Information systems / Information technology
- ITIL Certification
Experience
- Information Security experience, with broad knowledge in all areas of Information Security, including but are not limited to payment technologies, virtualization, cryptography, networking and database security 5 years and above experience
Desired Skills:
- Information Security
- Networking