Recommend information technology policies, standards and guidelines by evaluating the organizations outcomes, identifying problems, evaluating trends, and anticipating requirements
Reporting ISMS performance metrics and key risks to senior management
When applicable, conduct the information security risk assessment program. Review compliance with the information security policy and associated procedures and practices
Conducts initial triage of security events and incidents.
Research and educate the IS organization around specific standards and regulations that might apply to different domains while monitoring their implementation throughout the security ecosystem and provide recommendations to the relevant stakeholders.
Keep up to date with emerging security threats and alerts, emerging products, services, protocols, and standards in support of security enhancement and development efforts.
Provide technical guidance to IS teams by means of coaching and mentorship to achieve project goals to the required level of quality.
Onboard new hires, train, and share knowledge, take an active role in technical mentoring and elevating team knowledge.
Enforce quality processes (i.e. performing technical root cause analysis, outlining corrective action forgiven problems) and ensure that all the project agreed deliverables are completed to the required level of quality.
Help in coordinating InfoSec gap remediation with stakeholders e.g. with BU relation managers, External Assessors, and third parties, etc. Able to review control evidence and provide suitable suggestions to the Business Partners
Schedule, execute and document critical meeting minutes for both internal and external stakeholders (e.g. Team meetings, Operation/Calibration calls with Assessors, gap remediation calls, etc.)
