tendersglobal.net
The aim is to supervise and guarantee the implementation and embrace of the Cyber Risk framework throughout IsDB. This role involves wielding the authority of the second line of defense at a corporate level to handle cyber and information security risks.
The key tasks include overseeing the risks associated with IsDB’s IT resources and information assets by formulating a cyber risk management framework, executing annual risk assessment plans, maintaining the IsDB cyber risk register, tracking the progress of risk mitigation plans, and ensuring the governance of risk management in the first line of defense.
Cyber and information risk governance
Establish, update and maintain cyber risk management framework and associated artifacts.
Ensure that risk management practices are executed as per the framework in the1st and 2nd lines of defenses.
Oversee the risks identified by 1st line of defense and consolidate or update in IsDB cyber risk register.
Cyber Risk Management
Identify and manage information security risks to achieve business objectives, through developing systematic, analytical, and continuous risk management processes to ensure that risk identification, analysis, and mitigation activities are integrated into projects and process life cycles.
Cyber Risk Monitoring
Monitor the progress of risk mitigation plans listed in IsDB cybersecurity risk register, and verify the effectiveness of controls implemented as per risk mitigation plans.
2nd Line of Defense Governance
Provide advisory inputs to 1st line of defense and IMDT about cyber security projects.
Participate in reviewing cyber security artefacts.
Bachelor’s degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related discipline.
10 years of relevant post-qualification experience, with at least three (3) years of cyber risk management experience.
3 years of managerial / relevant supervisory experience is mandatory.
Possession of security and risk certifications, such as CISSP, CISM, CISA, CRISC, etc., would be an advantage.
Mixed managerial, analytical, and technical skills and knowledge in all aspects of computer security in multi-IT areas: database, development, network, operating systems, IT security, applications security, etc.
Good understanding and writing skills of computer systems security strategies, policies, principles, procedures, and standards.
Good technical knowledge and experience in Business Continuity Planning areas.
Good understanding of Incident management and security related events and response processes.
Good Knowledge of risk assessment processes
Good understanding of 1SO27001-2, and current legal and regulatory requirements relating to information security and privacy
English – Required
Arabic – Preferred
French – Preferred
Apply
To help us track our recruitment effort, please indicate in your cover/motivation letter where (tendersglobal.net) you saw this job posting.
Job title: Office Assistant, Derby Company Essential Recruitment Job description of other administrators and specialists…
tendersglobal.net JOB DESCRIPTION Org. Setting and Reporting This position is located within the Joint Human…
tendersglobal.net The International Rescue Committee (IRC) responds to the world's worst humanitarian crises, helping to…
tendersglobal.net Organizational Context The International Federation of Red Cross and Red Crescent Societies (IFRC) is…
tendersglobal.net JOB DESCRIPTION Org. Setting and Reporting This post is found in the Office of…
tendersglobal.net CARE in Timor-Leste is seeking the services of a consultancy firm/ consultant, referred to…
This website uses cookies.