Manager, Information Security - Risk

Job Description

• Identifies infrastructure Information security risks and define the controls required to mitigate the risk.                                                                                                                       
• Develop and maintain organization, Third party and vendors risk management framework                                                                          
• Conduct continuous risk assessment for existing and new IT assets                          
• Conduct Vendors and third party risk assessment.            
• Establish reporting communications that support Information Security Risk management  activities                                                                                                                      
• Ensure implementation of necessary information security policies, standards, procedures and guidelines.                                                                                                                   
• Maintain and administrate the organization risk assessment tool.             
• Maintain and provide regular update to the organization security risk register and provide management dashboards                                                                                                                     
• Ensure compliance to existing and new system against applicable regulations including but not limited to ( PCI DSS, ISO 27001, Cyber Security framework)           
• Risk Identification classification, assessment and evaluation.