Duties & Responsibilities: Assist in developing strategies for IT Security policies and procedures Develop vision, principles and strategy for security for multiple projects or technologies; working in a particular business line as subject matter expert, to support IT teams in delivering engagements at scale, which may require subtle security needs and requirements, contributing to development of information security policy, standards, procedures and guidelines Conduct IT security/cyber security research
Ability to research, articulate, pitch complex and innovative security advice, at both business and technical levels, for new or existing problems, with the objective to justify and communicate decisions directly to key customer stakeholders including senior management.
Plan and design security architecture for IT systems.
Identify IT security risks and recommend protocols
Experience in identifying and applying security risk and familiarity with common control frameworks, with the ability to investigate major breaches of security and recommending appropriate control improvements. Determine security protocols by evaluating business strategies and requirements.
Respond to, and investigates, security incidents and provide thorough post-event analyses
Review system security measures and implements necessary enhancements and controls.
Monitor and conduct regular IT security checks
Conduct regular tests and monitoring of network security.
Verify security systems by developing and implementing test scripts.
Assist in establishing a disaster recovery plan
Establish disaster recovery procedures and conducting breach of security drills.
Build IT security Awareness
Cultivate a culture of security awareness, and arranging continuing education of personnel to ensure security policies are always adhered to.
Deliver IT security Solutions
Enhance security accomplishments and security competencies by planning the delivery of IT security solutions and answering business and technical questions.
Requirements
Formal Education:
Bachelor’s or associate degree in computer science, IT, or a related field.
Cyber Security Certification e.g. ISC2 CISSP, ISC2 CCSP, ISACA CISM or similar
TOGAF and IT security or risk assessment certifications (advantage)
Experience:
5 – 7 years experience in IT risk management and information security.
Financial services industry experience in IT Secuity Architecture (Life insurance experience will be an advantage)