- Research and recommend IT standards, controls, policies and procedures based on best practice, and participate in the implementation and monitoring of security and compliance.
- Implement management-recommended governance frameworks and standards that can enhance IT functions, such as COBIT, COSO, ITIL, and ISO 38500, 27001, 27002 and 27018, and ensure that IT processes and activities are mapped to the implemented IT standards.
- Ensure that security and adopted standards are considered in projects, initiatives, new implementations and operational tasks.
- Establish mechanisms and conduct assessments to identify, assess and mitigate IT security risks; develop and recommend corrective action plans for resolution.
- Identify risk prevention methods and their administrative and technical procedures in order to mitigate the impact of risks or limit them.
- Identify and evaluate business and technology risks and report on the effectiveness of established controls to mitigate risks.
- Ensure corrective and preventive actions against identified or potential nonconformities.
- Ensure all security incidents are identified, contained and managed properly.
- Ensure compliance with cyber security standards, policies and procedures based on local and global standards as well as national cyber security policies.
- Perform IT assessments and provide recommendations for improvements.
- Perform threat and vulnerability assessments and provide recommendations accordingly.
- Manage the remediation of vulnerability scan findings: track and report them, and identify solutions to mitigate or remediate them.