- Define and review information security policies and processes and conduct Risk Assessments on Processes, Applications, Networks & Systems.
- As Information security Risk implementer, assess impacts to business from cyber security, legal and regulatory perspective.
- Work with Project Managers, Business Analysts, Architecture and Support Teams to ensure that Information security and Risk management standards are being followed.
- Conduct Information security internal audits.
- Define and assist in security control implementations.
- 2-6 + years of relevant experience, Good understanding of Information Risk Management, Audit (internal and external), and Controls.
- Knowledge and practical experience with frameworks and standards: ISO 27001 Implementation and Management
- Good understanding of IT security standards and legal compliance aspects.
- Technical knowledge & relevant experience in security domains /technologies related to:
- Business Impact Assessment
- Infrastructure/Network security
- Knowledge of Data Security Standards/Privacy Principles
- Ability to interface and network with Business and IT
- Ability to foresee and identify mitigation strategies for Risks
- Display excellent communication and influencing skills
- Be pro-active and self-motivated
- Display Ability and eagerness to quickly learn new technologies.
Learn more about our Risk Advisory Services.