Purpose of the role
- To develop strong information risk management processes within the given region and measure the effectiveness of the information security framework's overall posture, suggesting steps for improvement
- To ensure ongoing compliance with IS standards and best practices, and to act as a single point of contact for all Information Security requirements within the region
Profile - Roles and Responsibilities
Areas of Responsibility & brief description Responsibility Level
1. Develop & implement Information Risk Management Framework for the region Full
2. Undertake initiatives to ensure continuous improvement of implemented controls for the region Full
3. Ensure successful outcome in external/internal audits conducted Full
4. Implement Information Security awareness program for the region Full
5. Ensure high standards of Information Security service delivery within time & budget Full
6. Act as a single point of contact for all Information Security requirements within the region and liaise with the Corporate Information Security team Full
7. Drive all Information Security related activities such as ISO 27001 implementation, user training and awareness, internal audits, and compliance with policies and procedures. Full
8. Ensure compliance with ISO 27001 standards with respect to Information Security. Full
9. Ensure IT security controls are rolled out in all VACs within the region in coordination with the IT team. Track and improve Information Security controls. Responsible for all Technology Risk Management activities Full
10. Carry out all compliance audits across all VACs in the region. Ensure no non-compliance reports either in internal or external audits Full
11. Ensure implementation of Information Security controls to minimise possibility of data leakage Full
12. Work with different regional teams to ensure ongoing compliance with Information Security best practices and standards Full
13. Judicious use of natural resources Full
14. Shall adhere to the environment health and safety policy/objectives and guidelines of the organization Full
Qualification & Experience (Education, Experience, specific knowledge, skills, understanding, attitude)
Education: Minimum: Graduate or global equivalent degree
Additional: CISSP, CISM, ITIL, PMP
Experience: 7 - 8 years of relevant experience
Knowledge & Key Skills: In depth knowledge of:
- Network protocols and network connectivity concepts; Firewall and Internet technologies;
- Secure access control mechanisms; Encryption and Key Management techniques