Key Roles & Responsibilities
· Manage stakeholders involved in cybersecurity including executive management and information security committees through defining clear performance targets and sound risks management processes
· Manage Cybersecurity projects and implementations, investigation IT security incidents, evaluation of cybersecurity technologies landscape, data classification..etc.
· Develop and execute Training and awareness programs for IT and Business Units to defend against security threats (including but not limited to phishing, scams, social engineering..etc).
· Manage Cybersecurity maturity assessments, information security controls, ISO27001 and Information Security Management System (ISMS) including approved policies, processes and procedures. As well as managing operations and compliance while ensuring information security management processes are auditable and audited. Ensure compliance with relevant information legislation. Ensure that appropriate information security and compliance obligations are reflected.
· Develop, manage and execute plan for regular cybersecurity vulnerabilities assessments and penetration testing, Cybersecurity defense in-depth
· Manage, Review and assess Privacy of Personal Information across BUs, Identity and privilege access management, cybersecurity incident Management, data protection practices, rights management
· Develop, manage and execute Operational Cybersecurity plan business continuity plan
· Act as a focal point, providing advice and guidance for all aspects of information security across BUs.
Application Security, Security Audit, Security Plan Preparation, Web Application Security, Cyber Security, Information Security Awareness, Information Security Standards, Information Security Management