We’re looking for a candidate to this position in an exciting company.
Develop and maintain in association with the organization’s Information Security team, the information security policies, standards and procedures. Ensure that company policies support external requirement. Oversee the diffusion of policies, standards and procedure to user community.
Education, training and awareness:
Coordinate/develop an education and training program on information security. Provide direct information security training to the workforce. Initiates, facilitates, and promotes activities to foster information security awareness within the organization.
Compliance and enforcement:
Monitors compliance with the organization’s security policies, standards and procedures among employees, contractors, alliances and other third parties and takes corrective actions
Develop and implement an incident reporting and response system to address security incidents, respond to alleged policy violation or complain by third party. Work with company and GBU/CBU SOCs
Risk assessment and risk prevention:
Performs information security risk analysis and periodic information system activity reviews for information security processes (company security audit framework) and provide/recommend remediation roadmap.
Serve as focal point on Information Security matter with counterparts within the group and external parties
Maintain knowledge base:
Keep abreast of latest security, privacy legislation and advisory alerts pertaining to the company and group. Serves as an internal information security consultant to the organization
Coordinates the development of the organizations disaster recovery and business continuity plans for information systems, and tests readiness
Demonstrated consultative approach to driving change and deploying controls
Knowledge of technological trends and developments in the area of information security and risk management