- Monitors and routinely audits compliance to all information security procedures and policies and ensures consistency of internal controls across departments.
- Lead remediation process for all security related gaps identified during internal audit reviews as well as reviews performed by third party entities such as security consulting and others.
- Help align process and procedure as well as network and system standards to the company s IT security policies
- Manage the on-boarding of technology related projects to make sure that they align with the company s security policies, guidelines and ISP process.
- The candidate will need to work with all parties to include project sponsors, vendor and IT operations group
- Drive annual compliance certification and oversee all related controls and documentation management as required
- Manages the ongoing vulnerability scanning and assessment process and partners with the rest of IT and third parties to resolve vulnerabilities in a timely manner to maintain compliance.
- Partners with the rest of the IT organization to ensure effective implementation and ongoing management of security tools, systems and processes including: logging, IDS, IPS, endpoint protection, web filtering, MDM, DLP, patch management, vulnerability scanning technologies, etc.
- Partner with the infrastructure team to develop strong security posturing including reviewing firewall policies and propose changes such as additional network segmentation and filtering policies to better protect the network.
- Provide oversight to IS operation team to manage end user computing on endpoint security, patching and policy management.
- Provides oversight, guidance and development of requirements for vendor selection for new and replacement technologies within the IT Security footprint.
- Interfaces with management and user community to understand business needs, implement security best practices, and identify opportunities for improving security and compliance.
- Partners with the training and professional development staff to promote security awareness among the user community.
- Review and develop the company s overall security program and manage multiple security projects in a given period.
Essential Knowledge & Experience:
Minimum Years of Experience Minimum of 5 years experience in IT or Security Management Minimum Education Requirement Bachelor s degree or equivalent in related field.
Preferred Skills CISSP, CISM or GSEC Security Certification preferred In-depth knowledge of security best practices (encryption, data protection, design, privilege access, etc.). Experience with managing and implementing standard security technologies (DLP, MDM, SIEM, AV, IDS).
Experience with file management access tool such as Varonis and is able to drive data owner entitlement review process.
Experience with compliance management and certification (PCI, GDPR, CCPA) Knowledge of networks technologies (protocols, design concepts, access control). Excellent written and verbal communications.
Proficiency in planning, reporting, establishing goals and objectives, standards, priorities and schedules
Key Outputs/responsibility: * Monitors And Routinely Audits Compliance To All Information Security Procedures And Policies And Ensures Consistency Of Internal Controls Across Departments. * Lead Remediation Process For All Security Related Gaps
Looking for Any Graduate / Post Graduate graduates profile.