Minimum of 3-5 years of progressive experience in information security and privacy. Please refer to the job advert for further information.
Information Security Officer
The Information Security Officer (ISO) is responsible for establishing and managing the corporate information security program to ensure IT implementation and administration adheres to information security best practice controls. The ISO monitors the organization's IT systems to look for threats to security and establishes protocols for identifying and neutralizing threats. The ISO will be assisting to improve and communicate the maturity levels of information security, the state of cybersecurity and IT risk practices across the healthcare system.
Key Duties & Responsibilities
- Responsible for development and implementation of the security architecture including all hardware, software, and professional services engagements.
- Ensure the IT and network infrastructure is designed with best security practices.
- Provide real-time analysis of immediate threats and investigate through extensive forensics all cybersecurity threats.
- Determines what went wrong in a breach, dealing with those responsible and develops plans to avoid repeats of the same crisis.
- Acts proactively to eliminate threat by ensuring that proper controls and technologies are in place.
- Owns and manages the Incident Response Plan and the DR plan.
- Prepares and coordinates security incident response training exercises and participates in crisis response training.
- Provides guidance, manages and mentors the Infrastructure team in implementing and supporting the information security architecture and technologies.
- Responsible for Identifying and tracking cybersecurity metrics to identify key risk indicators and mitigation plan.
Ideal Candidate Should Possess
- Bachelor's degree required with emphasis on management, computer science, or related field.
- Security certifications: CISSP, CISA and/or CISM preferred or commitment to obtain within two year of hire.
- Minimum of 3-5 years of progressive experience in information security and privacy.
- Experience in the implementation and management of an organization's information security program.
- Exposed to Cloud computing/Elastic computing across virtualized environments.
- Hands on experience in developing Security Architecture technology frameworks.
- Experience with Mobile and remote device management tools.
- Extensive experience in implementing security technology stacks for Networks, Client Server environments, NG Firewalls, IPS systems, Identity management systems, and DATA security among others.
- Excellent communication skills (oral and written) in English and Sinhala are mandatory. Strong analytical, presentation and organizing skills.
- Proficiency in MS Office: Word, Excel, PowerPoint.
Please click on the APPLY button to send in your CV via XpressJobs
