Define and review information security policies and processes and conduct Risk Assessments on Processes, Applications, Networks & Systems.
As Information security Risk implementer, assess impacts to business from cyber security, legal and regulatory perspective.
Work with Project Managers, Business Analysts, Architecture and Support Teams to ensure that Information security and Risk management standards are being followed.
Conduct Information security internal audits.
Define and assist in security control implementations
Desired Profile:
4 - 6 + years of relevant experience, Good understanding of Information Risk Management, Audit (internal and external), and Controls.
Knowledge and practical experience with frameworks and standards: ISO 27001 Implementation and Management
Good understanding of IT security standards and legal compliance aspects.
Technical knowledge & relevant experience in security domains /technologies related to:
Business Impact Assessment
Infrastructure/Network security
Knowledge of Data Security Standards/Privacy Principles
Ability to interface and network with Business and IT
Ability to foresee and identify mitigation strategies for Risks
Must:
Display excellent communication and influencing skills
Be pro-active and self-motivated
Display Ability and eagerness to quickly learn new technologies.
