Conduct risk and gap assessments to identify gaps in existing security governance.
Develop, maintain, and review information security policies, standards, procedures, and guidelines aligned with business objectives and regulatory requirements.
Maintain and improve the security technologies deployed, including creating use cases and customizing or better configuring the tools based on past and current threats.
Develop and maintain data governance and data security.
Develop and conduct security awareness training programs.
Coordinate internal and external audits, including evidence collection, walkthroughs, and remediation tracking.
Act as a liaison between security, IT, business units, and auditors to ensure consistent understanding of security and compliance requirements.
Maintain documentation repositories for policies, procedures, risk assessments, and audit artifacts.
Maintain the information security risk register and ensure risks are appropriately documented, prioritized, and tracked.
Required minimum qualification & experience:
Bachelor’s degree in Computer Science, Information Technology, or Cybersecurity.
Certifications required: CISSP, CISA and/or CEH.
Minimum Professional Experience Required:
Technical knowledge of networking concepts and network infrastructure.
Working knowledge of cloud security and data governance (e.g., Azure).
Solid understanding of network and computer security, and software security.
Strong analytical, documentation, and communication skills.
Knowledge of ISO27001, NIST controls and implementation.
Familiar with penetration and vulnerability testing.
Familiar with antivirus, firewall, IDS/IPS protocols.