IT Governance & Security Analyst

Job Summary:

Maintain a strong and robust information security management system by prevention, detection & response, identifying IT security risks and other related information security activities. Ensure adherence to applicable information security standards and provide technical consultation on business applications, architectures and infrastructure

Main Responsibilities & Tasks

• Implementing, maintaining Information Security & Governance Program/s. to enhance overall Cybersecurity Posture
• Maintain Information Security Management Systems Documentation (Policies, Procedures, Manuals & etc.)
• Follow up with teams to ensure ISMS implementation procedures are followed along with best practices are maintained
• Participate in Business Continuity program, team/s and enhancements
• Perform vulnerability assessment and Penetration testing of business applications.
• Identify exploitable by attackers
• Recommend and support relevant teams in mitigations & fixups
• Maintain Cybersecurity risk assessment, risk treatment plans and follow ups.
• Perform IT security internal audit for network, infrastructure, and business applications
• Support for External Auditors and follow ups on Cybersecurity Audits
• Information Security Improvements based on Audits and building control capability reports
• Maintain Cybersecurity Security Change management, Authorization & Practice Reviews & Approvals (suggestions)
• Maintain and participate in awareness of information privacy programs, maintaining CIA, IAG & PAM, and Legal compliances.
• Maintain and build culture for information asset / data / PII protection as per the applicable guidelines, framework & standards by the regulatory
• Leading and ensuring security incident management and response in timely manner as per the polices & procedures
• Relevant vendor management
• Engagement in ensuring economical budgeting and overall capacity plans are maintained
• Job descriptions are written to reflect major accountabilities and will not describe all the tasks which may be performed by an individual. The incumbent shall perform any additional related duties assigned by the respective line manager to meet operational requirements
• The incumbent shall ensure the highest standards are followed to safeguard the sensitive and confidential information

Minimum Required Qualifications, Certificates & Skills

• Graduate in IT or Relevant field
• 5+ Years overall IT with 2+ years in Cyber Security & sufficient understanding of IT Governance
• ISMS Implementor & Audit, BCMS, CISSP, CISM, CEH, COBIT, CCSP & relevant or relevant practical hands-on working knowledge / experience
• Project Management, Time Management, Managing KPI’s, IT Cyber Security Audit, Strong verbal and written communication skills, Budgeting, Capacity planning, Knowledge of IoT, Cloud Security, ability to work as team and individually as well.