- Facilitate IT Security Operational needs and Risk assessment to report back to Security Leadership.
- Provide regular reporting on the current status of the information security Operations program to enterprise information security leadership
- Liaise with the enterprise security architecture team to ensure alignment between the security architecture and security Operations, ensure , regulations and policies to minimize or eliminate risk and audit findings.
- Assist resource owners and IT staff in understanding and responding to security audit failures reported by auditors.
- work with IT and security staff to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software. controls to support and enforce defined security policies.
- Design, coordinate and oversee security-testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
Experience and Qualifications
- A minimum of 15 Years of IT experience, with 12 years in an information security role and at 5 years in a supervisory capacity.
- The ability to interact with personnel, build strong relationships at all levels and across all business units and organizations, and understand business imperatives
- Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff.
- Project management skills: scheduling and resource management.
- Exhibit excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
- Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision
- A strong understanding of the business impact of security tools, technologies and policies.
- Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL), PCI DSS, GDPR
- Experience in system technology security testing (vulnerability scanning and penetration testing).
- Familiarity in application technology security testing (white box, black box and code review)
Technical Skills :
With hands on 4 years experience in Application Security / Network Security / MSS or SOC / Security Architecture / Security Operations / Device Security / Cloud Security (Azure) / End Point Security / Security Incident and Investigation/EDR/MDM/PAM
Mandatory with Team Handling, Security Incident Management & Good hold in Layered Security Concepts.