To safeguard technology infrastructure and any privileged or proprietary information that the business possesses; to provide guidance and management for all information security needs
Knowledge | * Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans * A strong understanding of the business impact of security tools, technologies and policies * Familiarity with applicable legal and regulatory requirements * Familiarity with the principles of cryptography and cryptanalysis * An understanding of operating system internals and network protocols
|
Experience | * Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks * Experience in leading communications with senior stakeholders * Previous management experience and strong leadership abilities, including the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision * Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies * Strong analytical skills to analyse security requirements and relate them to appropriate security controls * Experience in application technology security testing (white box, black box and code review) * Experience in system technology security testing (vulnerability scanning and penetration testing)
|