Job Summary:
The jobholder is responsible for supporting the implementation of Information Security management System based on ISO27001 and best practice.
Key Responsibilities:
Implement Information Security Management System based on the ISO/IEC 27001 series standards, including preparation for certification against ISO/IEC 27001
Perform gap analysis of information security standards such as ISO 27001 and create compliance reports for information security standards such as ISO 27001
Develop/review IS policies, standards, procedures and guidelines, in liaison with the stakeholder to obtain appropriate approvals and feedback for implementation.
Compliance monitoring and improvement activities to ensure adherence to internal security policies, procedure, standards and applicable laws and regulations
Support departments to manage implementation of information security management system.
Prepare materials and conduct Information security awareness, training and educational activities to stakeholders.
Manages information security risk assessments and controls selection activities
Perform testing of internal controls specified in Information Security Policies and Perform internal audit reviews to assess the effectiveness of current information security controls
Ensure timely and effective corrective actions are taken to correct deficiencies and provide status reporting.
Support the Information Security program including development, collection, assessment, and reporting of metrics
Recommend security policy changes and enhancements as needed
Conduct mock ISO Audits and, report on departments’ preparedness for final audit and certification
Support ISO 27001- audit and certification activities Day-to-day information security operations, supervision, reporting, management of performance and development of staff in the function
Academic Qualifications
A Bachelor’s degree in Computer Science or related field from a recognized institution.
Professional Qualifications
Must have at least one of the following security certifications or training in CISA/CISM/CEH/CHFI/ECIH/CISSP/ISO 27001/CRISP,
Relevant Work Experience
At least one (1) year related IT security work experience in a large or busy organization.
Technical Skills Required:
Experience in Information Security Management System
Experience in development of policies and procedures
Knowledge in Information security risk management
Experience in Information security awareness development and training
Experience in cyber security threat Analysis or incident management
Key Competencies:
Excellent stakeholder engagement skills
Analytical mind with problem-solving aptitude
Excellent listening, communication and presentation skills
Reliable and thorough with a deep commitment to accuracy
Self-motivated and able to work independently
A team player
Ability to prioritize competing work commitments and deliver on time
go to method of application »
Use the link(s) below to apply on company website.
Apply via :
Leave a Reply