• Evaluates risks and develops security standards, procedures, and controls to manage risks.
• Enhances cybersecurity security posture through process optimization, policy, automation, and ongoing capability evolution.
• Implements required security controls.
• Continuously improve the security framework, methodology, standards, and system of internal controls.
• Assesses new security technologies to determine potential value for the enterprise.
• Test and evaluate Information Security systems.
• Performs risk assessments, Cybersecurity audits, vulnerability tests and reports to management with findings and undertake measures to ensure conformance.
• Execute and manage Patch Management solutions in accordance with the methodology.
• Periodic Review of identity access management and ensure authorized persons have access as per policy.
• Implement cybersecurity awareness program that meets all industry regulations, standards, and compliance requirements.
• Support workforce security activities including culture, awareness, and training.