• Define and review information security policies and processes, and conduct Risk Assessments on
Processes, Applications, Networks and Systems.
• As Information security Risk implementer, assess impacts to business from cyber security, legal and
• Work with Project Managers, Business Analysts, Architecture and Support Teams to ensure that
Information security and Risk management standards are being followed.
• Conduct Information security internal audits. Define and assist in security control implementations
Responsibilities and Duties
• Ensure the security process is governed by organizational policies and
practices that are consistently applied.
• Require that information with similar criticality and sensitivity
characteristics be protected consistently regardless of where in the
organization it resides.
• Enforce compliance with the security program in a balanced and
consistent manner across the organization.
• Coordinate information security with physical security.
Required Experience, Skills and Qualifications
• Knowledge and practical experience with frameworks and standards: ISO 27001 Implementation and
Management.
• Good understanding of IT security standards and legal compliance aspects.
• Technical knowledge and relevant experience in security domains/technologies related to: Business
Impact Assessment, Infrastructure/Network security.
• Knowledge of Data Security Standards/Privacy Principles.
• Ability to interface and network with Business and IT.
• Ability to foresee and identify mitigation strategies for Risks.
• Must: display excellent communication and influencing skills, be proactive and self-motivated, and
display ability and eagerness to quickly learn new technologies.
• Knowledge on the following:
Bachelor’s (Preferred) or any other Computer Science degree
Minimum 2 years’ experience in Information Security.
CySA and ITIL Certification
Visit for more info ISMS Consultant