Job Purpose:

Manage the basic requirements for security and privacy in Entity and work closely with suppliers and consultants to develop standard designs and security solutions according to best practices and industry standards.

Key Accountabilities:

• Provide architectural standards, develop policies and designs related to corporate security.
• Work in coordination with the infrastructure team to monitor the level of service
• Drafting the bid requirements, evaluating the suppliers, and evaluating the security solution proposed by them
• Develop, design and document information security policies, standards and guidelines taking into account all ramifications, assessing risks and ensuring adherence to them
• Participate in internal and external audits of information technology security on applications and infrastructure
• Determine security elements that meet current and future business requirements
• Planning, developing, maintaining and improving the Information Security Management System (ISMS) at the entity in cooperation with the Security and Control Department
• Participate in incident response and detect and investigate any intrusions
• Reconciling security compliance with business requirements by identifying risk mitigation methods or identifying appropriate controls required
• Participate in the development of the life cycle of the system to ensure that security issues are identified and addressed early on and provide the necessary security advice for key initiatives in the Security applications
• Manage multiple integration projects including ordering equipment, testing phases, installation and implementation of necessary improvements
• Design security solutions and applications to meet business requirements
• Assist in developing a strategic security architecture vision that includes standards, policies and procedures that are in line with the overall business strategy and best practices.
• Industry standards such as ISO, NIST, SOC, DESC ISR, etc.
• Review the current IT security architecture, identify design gaps and recommend security improvements.
• Developing a security architecture for the entity that complies with industry and global standards, as well as government regulations.
• Upgrading security systems by monitoring the security environment, identifying security gaps, and evaluating and implementing improvements.
• Research current and emerging security threats and design security architecture to mitigate threats where possible.
• Evaluate new and emerging security technologies for their potential suitability within the organization.
• Report actual or suspected vulnerabilities / breaches in the confidentiality, integrity or availability of data and security breaches to the Security and Control Department at the entity and information technology management.