The role is to assume day to day responsibility for the Cyber Risk Management functions and provide a centre of excellence for advice on information security matters for the company and its subsidiaries. Act and assist in the development, implementation and execution of Cyber Risk Management functions which are aligned with company strategy.
Job Description
- Manage day to day cybersecurity risk functions.
- Collaborate with IT operations to enforce IT security controls. Ensure that IT security controls are adequate, appropriate and effective.
- Actively participates in regular meetings with project team, IT operations and other business units to address IT security matters.
- Govern and oversee cyber risk management activities to ensure compliance with regulatory requirements and internal policies.
- Communicate the results of risk assessment to governance and working committees.
- Proactively measure cybersecurity threats and risk metrics to mitigate current and emerging risk events.
- Provide detailed reports and briefings to leadership on emerging threats and security incidents.
- Conduct cyber risk assessments for projects and ad-hoc initiatives to identify, evaluate, and mitigate security risks
- Conduct phishing simulation test and cyber drill exercise.
- Monitor and analyze cybersecurity threats, vulnerabilities and attack trends.
Qualification/Requirements
- Degree in Cybersecurity, Information Technology or equivalent IT discipline.
- Possess at least 3 years of work experience in security assessment and enforcement or implementation of IT security controls.
- Possess professional certification in the field of information security, governance and risk management will be an advantage.
