وصف الوظيفة
The role will require in-depth understanding of information security, technology architecture and business security. Successful candidates will be expected to demonstrate relevant experience working in a dynamic environment dealing with complex challenges and communicating to all levels of the business.
Business continuity management by fully implement and testing the disaster recovery process & business continuity plan.
Responsibilities/Duties
Profil de candidat recherché :
SUPERVISION
- Supervise information security policy exceptions & change management requests assessments.
- Develop a culture of in-depth understanding as to why security testing is required at both business and internal team level and external with technology partners and client.
- Analysis of information protection technologies and processes to identify technology security weaknesses.
- Lead ongoing assessments of data processing systems to confirm the design of logical controls are effective and meet regulatory and legal requirements; and Provide quality reports to summarize test activities, including objectives, planning, methodology, results, analysis, and recommendations to both technical and non-technical audiences. From the output of the reports provide suggested approaches to enhance further.
- Take the ownership and ensure Governance, Policy and Procedures in relation to Management of Information.
OPERATIONS
- Provide information protection reports to summarize test activities, including objectives, planning, methodology, results, analysis, and recommendations to both technical and non-technical audiences. From the output of the reports provide suggested approaches to enhance further.
- Coordinate with Infrastructure and business systems Teams to implement identified controls, policies, and procedures.
CONTINUOUS IMPROVEMENT
- To lead the identification of opportunities for continuous improvement of systems, processes and practices considering ‘National / international best practice’, improvement of business processes, cost reduction and productivity improvement
- Meetings or workshops or participating in professional organizations or conferences.
REPORTING
- To prepare reports timely and accurately to meet department requirements, policies, and standards
HEALTH, SAFETY & ENVIRONMENT
- To monitor the adherence to all relevant safety and environmental management procedures and controls to guarantee employee safety, legislative compliance, delivery of high-quality products/service and a responsible environmental attitude
RELATED ASSIGNMENTS
- To perform other related duties or assignments as directed
- To participate in any enhancement project to ensure company infrastructure reliability
Qualifications
- Broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies.
- Information security principles and best practice (e.g., ISO27001)
- Excellent interpersonal skills with the ability to build and influence teams; and self-motivated
Knowledge
- Strong technical abilities, combined with business acumen.
- Ability to present security topics to a non-technical audience and presenting the business value of
- security.
- A good understanding of IT networking and access management concepts.
- Ability to understand and assess technology systems and applications from both a technical and business function perspective.
- Ability to communicate business and technical risk to all levels of audience.
Experience
- Strong engineering academics.
- Preferred industry qualifications - CISSP / CISA / CISM
- Project management professional is plus.