TS Controller Cyber Security and Risk Management

Key responsibilities • Assess the efficacy of implemented information security controls in alignment with the Information Security Management System (ISMS) framework requirements. • Create robust security standards, procedures, and controls to effectively manage risks in align with business requirements. • Regularly evaluate risks associated with information systems and supporting infrastructures. • Maintain ongoing surveillance of information security controls, exceptions, and risks. • Generate comprehensive management reports including key performance indicators for information security controls. • Engage with both internal and external stakeholders to facilitate audits and assessments, including SOC-2, ISO 27001, 27017, 27018, NCSA, CSF, and PCI. • Review IT service requests to ensure security compliance. • Evaluate proposed project and operational changes with a focus on information security requirement adherence. • Familiarity with applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations. • Understanding of information technology systems, network infrastructure, data architecture, processes, and protocols. • Proficiency in cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration. • Knowledge of information systems auditing, monitoring, controlling, and assessment processes. • Competence in incident response management and risk assessment methodologies.