Associate Lead Consultant SOC Management
Full Time
1 month ago
Employment Information
The Cyber Security Manager develops strategic and tactical plans for risk management. He/ She establishes the governance framework for information security to provide assurance that information security strategies are consistent with applicable laws and regulations. He/ She identifies key security initiatives and programs through a risk based approach. He/ She communicates new key security initiatives and risks to top management and stakeholders to ensure that information risk is understood and identified. He/ She monitors and reports the performance of the security program to senior management. The Cyber Security Manager advises management on the impact of the organisations key risks. He/ She recommends mitigation controls for the organisations key risks and manage key projects
- Analyse and correlate information security events to identify appropriate event handling actions.
- Assess operational and implementation costs, and evaluate them against the potential business impact if the policies and controls are not implemented.
- Assess the effectiveness of the measures against security risk management plan.
- Develop IT security policy and operational procedures based on information collected.
- Develop a documented action plan containing policies, practices and procedures that mitigate the identified risks.
- Document information related to IT security attacks, threats, risks and controls.
- Establish a standard methodology for performing security tests in accordance with security requirements.
- Establish review procedures based on organisations security risk management plan.
- Evaluate effectiveness of current incident response plan against industry good practices.
- Evaluate response plans periodically to ensure relevance.
- Identify threats and risks that are relevant to organisations operations and systems.
- Monitor the effectiveness of action plans in addressing information risks.
- Obtain corporate managements endorsement of security policies, standards and procedures by articulating cost and benefits.
- Perform comparative analysis of security service performance level parameters against security information sources.
- Prepare information security performance report based on results from analysis and correlation of information security events.
- Rate and categorise potential security incidents.
- Recommend suitable enhancements to improve information security performance.
- Review business and security environment to identify existing requirements.
- Review security policies, standards and procedures by considering the threats identified and other information collected.
- Test incident response plans periodically to ensure response times and executed procedures are acceptable
- Degree or equivalent qualification in Electronics, Computer Engineering, Electrical engineering, networking, or equivalent practical experience,
Other requirements
- Travel will be required on need basis,
- You will be working during client business hours based on the project you will be allocated into,
- Office reporting is flexible and encourage hybrid working for this role. However, reasonable reporting into office for project meetings and client meeting attendance is mandatory,
- All working days reporting may be subjected to project or organization demand.
Share this
