Information Security Governance & Compliance Specialist

JOB PURPOSE

To develop access right matrices, conduct periodical Information Security (IS) audits, and identify company employees’ training needs in order to develop awareness and training programs and ensure IS resilience within set policies and procedures.

ROLES AND RESPONSIBILITIES

IS Governance and Compliance

• Develop an Information Security program, plan, and processes and communicate them to relevant internal and external stakeholders
• Guide the development of access right matrices ensuring governance of data accessibility and rights and raise to Manager for validation and communication to relevant stakeholders
• Ensure continuously that controls are in compliance with data protection, privacy, and security requirements
• Conduct periodical Information Security audits and support the development of reports to be raised to higher management
• Analyze noncompliance patterns and support the drafting of impact on the level of risk and overall effectiveness of the Information Security program

IS Awareness and Resilience

• Identify company employees’ level of awareness of Information Security following the collection of requirements
• Develop Information Security awareness and training program ensuring company employees’ needs are addressed
• Contribute to the implementation of awareness campaigns and conduct relevant training for company employees on Information Security
• Handle Information Security awareness workshops during onboarding of new employees
• Draft response plans for potential cybersecurity incidents that may affect business continuity
• Provide expert advice on disaster recovery plans ensuring compliance with set policies and procedures