Job Description

Security Governance and Risk Management • Developing and implementing security policies, plans and procedures • Conduct risk assessments and recommending mitigating controls for identified risks • Ensure Security Best practice / compliance is maintained & all relevant documents are reviewed & updated Security Operations • Leading security operations and provide engineering teams with hands-on resource addressing product security issues • Leading the development and operations of the SOC to ensure optimal identification/resolution of security incidents, and enhance client’s security • Develop and maintain an incident response management program that includes incident detection, analysis, containment, eradication, recovery and chain of evidence/ forensic artifacts required for additional investigations. • Manage the collection, documentation and reporting of security incidents received via the SOC Software Development Security • Identify and quantify security flaws early in the product development process • Supply product and engineering teams with capabilities in finding, preventing and fixing application security bugs and flaws during product developments • Support engineering teams in writing secure code • Provide training in secure development practices Security Assessment and Testing • Ensure efficiency of security controls • Monitor key performance indicators and determine gaps in performance metrics • Conduct auditing, vulnerability assessment, and penetration testing activities Security Awareness and Training • Plan security awareness and training Security Architecture and Design • Provide security architectures and propose proper security controls • Monitors compliance and regulatory guidelines and defines impact on the Enterprise and translating it into design requirements and solution architectures Management • Control budgets for security operations and monitor expenses • Recruiting, training and supervising security engineers • Attend meetings with other managers to determine operational needs • Plan and coordinate security operations for specific events • Coordinate staff when responding to emergencies and alarms • Review reports on incidents and breaches • Investigate and resolve issues • Create reports for management on security status • Analyze data to form proposals for improvements (e.g. implementation of new technology) • Solid people management skills including: providing direction, monitoring performance, motivating staff and building a positive working environment