Job Description
We are looking for an Information Security Consultant to join our dynamic team. In this role, you will play a crucial part in developing and implementing security strategies, conducting risk assessments, and ensuring compliance with industry standards.
Role Overview:
- Develop and maintain information security policies and procedures, aligned with business needs and industry best practices.
- Ensure compliance with IT Management System (ITMS) requirements.
- Develop and maintain the information security risk framework to assess, monitor, and review information security risks for the organization.
- Maintain risk treatment strategies and work with risk owners to manage their lifecycle.
- Manage and implement an information security audit program, ensuring the management of non-conformities and improvement opportunities identified during audits.
- Manage identified vulnerabilities, policy violations, or non-conformities discovered during audits.
- Lead and manage the investigation and response to security incidents to ensure timely and effective containment, eradication, and recovery actions.
- Document incident details, actions taken, and contribute to post-incident reports for continuous improvement.
- Develop and implement security training and awareness programs for employees on best practices, policies, and security guidelines.
- Collaborate with different groups to promote a security-conscious culture.
- Implement and provide regular security reports to top management and other stakeholders, offering insights into the status of information security metrics.
