Responsibilities

– Develop and review company IT Security policy, standard, and process to align with international standards, best practice and regulations.

– Protects systems by defining access privileges, control structures, and resources.

– Recognizes problems by identifying abnormalities, reporting violations.

– Evaluate the existing security control and identify areas of non or partial compliance and rectify any issues.

– Ensure the True Money policy is in accordance with General Data Protection Regulation and codes of practice

– Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.

– Determines security violations and inefficiencies by conducting periodic audits.

– Upgrades the system by implementing and maintaining security controls.

– Coordinate and work with business process owners and executives across different departments to ensure that information security requirements support business needs and security systems, and processes are working as intended.

– Formulates, and evolves the information security plan and documentation for security compliance.

– Assist in ensuring regulatory compliance and adherence to information security-related laws, rules and regulations.

– Executes security operation tasks include, but not limited to security patch management, security vulnerability management, and security configuration management.

– Monitors the industry and external environment for emerging threats and advises relevant stakeholders on appropriate courses of action.

– Implementation and maintenance of an information security incident response plan to ensure that security controls and processes are embedded throughout the lifecycle of information, systems, applications, products and services

– Review and advise security solution architect for the proposed system such as; Network Segmentation, Application protection, Defense-in-depth, Remote Access, Encryption Technologies, Backup/Replication/Multiple Sites, Cloud Technologies, and Virtual System Technologies.

– Conduct security advisory and testing along the pipeline of the system delivery.

– Conduct security awareness and training programs catered to different sets of stakeholders

– Conduct security requirements checklist, security issue management, UserID revalidation, and UserID provisioning

Qualifications

– Bachelor or Master’s degree in Computer Engineering, MIS, IT or a related field.

– At least 3 year experiences in computer security area

– Have a foundation in good information security practices.

– Knowledge of International Security frameworks, Standards, and Guidelines e.g., COBIT, NIST-800, ISO 27001, PCI-DSS, OWASP, and etc.

– Experience in system and application security management and control.

– Experience in facilitating information security risk assessments.

– Professional certificates related to work (e.g. CISSP, CISM, CISA, CRISC, CEH, Sec+, ISO 27001, PCI DSS or similar general security certification) is desirable

– Talent to identify and create a broad vision for a security solution and to execute it.

– A positive, can-do attitude, who naturally expresses a high degree of empathy to others.

– Strong problem solving and analytical abilities Able to work under minimal supervision; Detail oriented;

– Good English (Spoken and Written)

Interested candidates can send your CVs to jobs@ascendcorp.com or contact our recruiter via 016 777 664.