Establish, maintain, monitor and improve Information Security Management System (ISMS) according to international standards.
Establish security policies, processes and procedures to ensure compliance with the organization's security requirements and applicable government laws.
Assess security trends, evolving threats and vulnerabilities; implement a risk assessment and remediation plan; coordinate with related parties to advise on remediation.
Establish criteria to develop and train employees to increase security awareness with the best practices and company regulations/policies.
Research and develop the security standards and best practices; Implement security improvements by assessing current scenarios, trends, and maintaining security controls.
Identify security breaches and inefficiencies by performing periodic security assessments to identify potential asset-related vulnerabilities, ensuring that the operational security controls are properly performed and maintained.
Perform internal audits according to certified standards.
Develop and improve business continuity planning and disaster recovery processes.
Perform and report other duties as assigned by line managers.
What you will need
Familiar with the international standards such as ISO 20000-1, ISO 22301:2019, ITIL, NIST Cybersecurity Framework, PCI-DSS is an advantage
Bachelor's degree in Information Security/Security Audit/Information Technology
Knowledge of security, computer and network security, authentication, security protocols.
Knowledge of IT Security Compliance.
Experienced in implementing, managing and operating information security policies in one of the fields of financial/service/telecommunications organizations
Knowledge and experience in evaluating internal control activities on IT security platforms.
