Security Strategy and Planning:
• Create and implement the company’s IT security strategy and policies.
• Carry out regular risk assessments and communicate closely with stakeholders to focus on security tasks.
• Create and sustain a security awareness and training program for the internal workforce.
Security Operations:
• Overlook the daily operations of the IT security programs.
• Present and manage security controls to guard the organization’s information assets.
• Oversee and respond to security threats, incidents and breaches within the company network.
• Carry out regular security audits and vulnerability assessments.
Security Architecture:
• Develop and implement security architecture for the company’s IT systems.
• Analyze and recommend updated security technologies and tools.
• Make sure that the security measures meet the established regulations and standards.
Incident Response and Recovery:
• Create and sustain an incident response plan.
• Coordinate and manage incident response efforts during security breaches.
• Create and test disaster recovery and business continuity plans.
Compliance and Risk Management:
• Take part in and assist with audit and assessment procedures to guarantee compliance to industry standards and information security regulations.
• Evaluate and manage risks to organizations information security.
• Collaborate with internal and external auditors to address findings pertaining to IT security.
Team Leadership:
• Oversee and direct the IT security team.
• Offer team members direction and mentorship.
• Work together with other departments to encourage a security-aware culture.
Qualifications & Skills:
• A recognized bachelor's degree in computer science, information security, or a similar discipline; an advanced degree is recommended.
• A minimum of six years of proven experience managing information security.
• Industry certifications like CISA, CISM, or CISSP are very sought for.
• Thorough understanding of best practices, standards, and security frameworks.
• Excellent analytical and troubleshooting skills in systems and networking. High level of detailed attention.
• Strong leadership and communication abilities.