Tóm tắt công việc
Key duties and responsibilities but are not limited to those listed below:
- Lead and manage high, medium and low risk assessments for both supplies and projects
- Perform technical project and supplier risk assessments
- Ensure projects comply with the company’s information security policies
- Consult with stakeholders on key controls and security requirements
- Consult on remediation plans once risk assessments have been conducted
- Act as the main point of contact for all risk assessment and remediation
Strategic Support
- Work with managers to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements.
- Manage the process of gathering, analysing and assessing the current and future threat landscape, as well as providing the managers with a realistic overview of risks and threats in the enterprise environment.
- Lead the preparation of institutional Information Security audits.
- Monitor and report on compliance with security policies, as well as the enforcement of policies across the VUS Campuses.
- Evaluation of compliance with stakeholder requirements, including response to requirement specifications from potential funders such as research councils &government departments.
- Evaluate and update to new &existing policies and procedures to ensure operating efficiency and regulatory compliance.
Architecture / Engineering Support
- Consult with IT colleagues to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software as part of Privacy by Design and Default. Recommend and coordinate the implementation of technical controls to support and enforce defined security policies.
- Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyse its impact on the existing environment; provide technical and managerial expertise for the administration of security tools.
- Develop a strong working relationship with the Application, Infrastructure, IT Support to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.
Operational Support
- Manage and coordinate operational components of security incident management, including detection response and reporting.
- Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
- Manage security projects and provide expert guidance on security matters for other IT projects.
- Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place.
- Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
Liaison &Networking – Information Security Liaison
- Provide Information security communication, awareness and training to the appropriate VUS staff and students.
- Engage effectively with appropriate external networks and external professional bodies.
Other duties
- Stay abreast of regulatory changes including cybersecurity developments and their impact on IT requirements, including relevant data privacy requirements.
- Continuously improve processes and implement tools for policy management
- Working in a clean, professional environment
- Working 8 hours/day - no night duty.
- Get accident insurance 24/7
- To be paid insurance by the Company according to the provisions of law, social insurance, health insurance, unemployment insurance
- Meal allowance
- Free uniform provided
- Annual salary increase
- Attractive salary and bonus regime, 13th New Year bonus, year-end bonus, overtime allowance.
- Well-trained for all employees