#IT Security Manager/Officer

Responsibilities:

• Review and development of information security policies, standards, processes, procedures and guidelines in accordance with cybersecurity best practices
• Administer compliance with these policies and procedures through ongoing security reviews, audits and assessments.
• ITSM : At least 5 years experience
• ITSO : At least 2 years experience
• Conduct security risk assessment, business impact analysis and develop security risk treatment plan.
• Collaborate with stakeholders for risk management, mitigation and remediation measure.
• Collaborate with Technical Leads on security testing.
• Develop in the security awareness training program to foster a secure culture,  improve security awareness and compliance.
• Partner with internal and external audit teams, to manage and effect audits from a compliance & point-in-time perspective, to a risk-driven, continuous proactive compliance approach.
• Point of contact to assist and advise on ICT security related matters.
• Create security metrics to communicate security posture and risks to management.

The ideal candidate should possess:

• Degree/Diploma or higher in Computer Science, Information Systems or equivalent
• At least one security certification is preferred, such as CISM, CRISC, CISA or CISSP
• At least 5 years of experience in cyber/IT Risk Management, Governance or Compliance.
• Understanding of control and risk management concepts including control testing, risk assessments, risk  treatment and third party risk.
• Knowledge of risk management policies, methods, standards, processes, governance models, and both quantitative and qualitative risk analysis approaches.
• Knowledge of common information security management frameworks, such as ISO 27001-5, COBIT and NIST, including 800-53 and Cyber security Framework.