Contribute in overall Data Governance principles and methodologies
Advisory to business units and IT to identify risks, raise awareness and recommend pragmatic measures to reduce the risk level
Participate in managing IT Risks
Conduct risk assessments and participate in Security audits
Develop IT Security policies and guidelines
Developing security awareness material and conducting training for various target audience
Conduct IT Risk and Security assessments to identify Security risks and follow-up mitigation items
Provide an advisory role to IT and the Business to specify pragmatic security requirements
*Co-ordinate and follow the IT Risk Management Process
Maintain and update IT Risk Register
Participate in Audits and provide advisory to re mediate the findings
Participate in activities related to various compliance's e.g. PCIDSS, ISO27K1, CAD and etc.
Evaluate and perform benefit analysis of security products
Communicate to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
Support the development of security architecture, security policies, principles and standards
Provide SME support in the resolution of reported security incidents and provide leadership where required
Maintain up-to-date understanding of the latest threats, vulnerabilities, mitigation and industry best practices
Develop Security awareness material and conduct Security awareness training for various target audiences
Advise on exception-based security requests
Participate and contribute in the development and improvement of Data Governance and Data classification principles