Manager - IT Security and Compliance
Job Summary
• Set security standards and policies across the IT organization
• Ensure effective security standards are adhered to across the organization
• Develop or enhance and roll out IT policies and procedures, then assess compliance and the maturity of the process framework within the IT organization
Roles & Responsibility
• Develop information security standards and ensure implementation of information security policies and standards
• Identify and manage key information security risks, incidents, audit findings and events within IT
• Ensure business continuity and disaster recovery plans are adhered to
• Ensure IT systems security and resilience to external/internal factors (data availability, integrity and confidentiality)
• Keep up-to-date with latest IT security benchmarks and best practices
• Communicate major security breaches and requirements to the head of IT
• Ensure that the Senior Team of IT is fully aware of the current security strengths and weaknesses
• Enhance awareness of IT security through presentations and new staff induction courses
• Conduct periodic assessments of the state of IT security
• Measure and monitor levels of information security compliance
• Issue regular security assessment reports (e.g. penetration and vulnerability testing)
• Develop, plan, and manage actions to address shortcomings
• Ensure conformance to relevant Service Level Agreements
• Definition of IT governance frameworks (strategy, operations, delivery and monitoring).
• Development or enhancement and roll out of the IT policies and procedures.
• Development of a process for assessment of compliance to the policies, processes and procedures.
• Development of an assessment framework for the maturity of the process framework within IT.
• Sponsorship of the IT policies, processes and procedures.
Business capabilities
• 10+ years in Information Technology with a minimum of 5 years in the security and compliance position of a leading organization
• Experience in implementing process frameworks in similar organizations: ISO 27001, ISO 20000, COBIT, ITIL.
• Knowledge of Information Security Standards/Practices and regulatory/compliance requirements
• Technical proficiency in security-related hardware and software; ability to function as a consultant to other IT groups on security matters as a recognized technical expert.
Interpersonal skills
• Strong verbal and written communication and presentation skills
• Proven skills in working collaboratively with business teams.
Education
• Bachelor’s degree in Computer Science or a technical discipline relevant to IT security
• Relevant systems security certification such as CISA/CISSP etc.