Job Responsibilities
- Maintain and enhance information security framework to address evolving cybersecurity threats.
- Lead management review and lesson learned meetings to improve security posture.
- Conduct security awareness workshops and publish advisories to promote a security-first culture.
- Provide regular reporting to management on security performance, compliance status, and risk exposure.
- Perform risk assessments on IT systems, networks, and applications, and implement controls to mitigate identified risks.
- Monitor security alerts and threat intelligence to detect and respond to potential cyber threats.
- Perform information security audits and recommend effective measures to address gaps and inefficiencies.
- Manage incident containment, eradication, and recovery to minimize impact and restore operations swiftly.
- Coordinate with stakeholders to implement security initiatives.
- Provide input into information security spending and budgeting.
Job Requirements
Minimum Education / Qualifications
- Degree in Information systems or equivalent.
Minimum Years of Relevant Experience
- 2 years’ experience in setting up and managing information security operations.
Knowledge/Skills
- Experience in ISO27001 ISMS, CIS, and/ or NIST frameworks.
- Experience in managing threat, vulnerability and incident, and understanding in digital forensic investigation, tools, and processes.
- Knowledge in security protections, practices, or solutions like Firewall, IDS/IPS, network segmentation, DLP, WAF, NAC, WiFi security, cryptography, endpoint protection, OWASP, etc.
- Certifications in CISA, CISM, CISSP and/ or PMP will be an advantage.
- Knowledgeable in Microsoft Office and other Windows and web applications.
Attributes (functional or leadership competencies)
- Meticulous and hands on.
- Excellent communication and written skills.
- Strong analytical and problem-solving skills.
- Team player with excellent interpersonal skills and multi-tasker.
- Customer-centric and proactive.
#J-18808-Ljbffr