KEY RESPONSIBILITIES: MUST NOT BE MORE THAN 10

• Identify gaps in security controls and recommend improvements to mitigate risks.
• Evaluate the effectiveness of cybersecurity controls, including vulnerability management and access management.
• Provide technical Cybersecurity Assurance related support to ICT projects as needed.
• Contribute to the development and improvement of Security Policies and Minimum-Security Configuration Baseline Standards in line with industry best practices and technologies.
• Define, create, and deliver compliance reports and relevant metrics in Cybersecurity Assurance to senior management and relevant stakeholders.
• Provide tactical security expertise across various security domains as assigned from time to time.
• Provide input into Cybersecurity risk and control self-assessments by leveraging specialized knowledge in the Cybersecurity Assurance Space.
• Research on and provide technical expertise on improvements for assurance within the Group Cyber Security department.
• Participate in activities aimed at mitigating information and cyber risks identified by various assurance teams such as Information Risk and Audit

DAILY RESPONSIBILITIES: NOT MORE THAN 5 OF THE MOST TYPICAL

• End-to-end security management, optimization, and monitoring of Cybersecurity Assurance security solutions.
• Preparing technical and compliance reports.
• Identify gaps in security controls and recommend improvements to mitigate risks.
• Carry out continuous security reviews against minimum security baselines and implement or ensure remediation actions are completed.
• Drive implementation and maintenance of Cybersecurity Assurance standards.

CHALLENGES: GIVE ONE EXAMPLE OF THE CHALLENGES ENCOUNTERED IN THIS JOB

• There is greater demand by the business to provide access to business-critical applications, and collaborative tools within and beyond the traditional network perimeter. The greater challenge is in providing this access while at the same time mitigating the risks to authentication of users and security and protection of the organisation’s information assets. When there is inability or mishap in the authentication of users and protection of these assets, the organization may lose data or competitive edge or even suffer financial losses and the associated reputational and regulatory risks.

MINIMUM POSITION QUALIFICATION REQUIREMENTS

Academic & Professional

• Education     Bachelor’s Degree    BSc. Information Technology / Computer Science / Telecommunications / Engineering Electrical, Electronic or related field    RQ

Professional Qualifications    

• Security certification such as CISA, CCSP, CISSP, CEH, SSCP, CompTIA Security+, CRISC, Microsoft Azure Security Engineer Associate, OSCP, AWS certified Security, GSE, CCFP, CSX-F, ECSA, CCNA-Cyberops.

At least one RQ

• Master’s Degree    MBA/MSc    AA     

Detail    Minimum No of Years    Need Type

• Experience in Cyber Security    2    ES
• Experience in Project Implementation and user training    1    DE
• Experience in large busy technology environment     3    ES
• Experience in System, Network, or Database Administration    1    ES