Position Purpose:
• Protect the information processing assets
• Manage vulnerabilities within the information processing infrastructure
• Manage threats and incidents impacting the information and network resources
• Assure through policy the appropriate use of the information resources
• Educate employees about their information security and privacy protection responsibilities
Tasks / Responsibilities
• Handle Periodic (daily, weekly, monthly, quarterly, semi-annual and annual) IT security related jobs (these are mainly related to checking the different systems security management logs and ensuring IT practices complies with the Information Security Policy).
• Focal point of contact with internal and external entities handling IT security related jobs.
• Maintain the “IT Security Policies”
• Establish Applications Security and Control procedures in coordination with IT department and in line with the “IT Security Policy”, and follow-up with IT Department on implementation of established procedures.
• Periodically review and update the IT Security Policy and Applications Security Procedures, in line with Systems and Applications modifications and new international and local security requirements.
• Follow-up and enforce the implementation of IT Security and Control procedures by IT Department and add necessary procedure modifications to ensure security controls are in line with the IT resources and infrastructure.
• Assess IT security and control recommendations submitted by the Security Committee, IT management, external IT security consultant or any other party, and follow-up the implementation of approved recommendations by concerned party.
• Periodic assessment and gap analysis for systems security setup, including Operating system platforms, Application platforms and Hardware platforms.
• Periodically review, document and assess all access points to the systems, and assess the security measures taken to secure the different access points.
• Handle security incidents, reported by IT Auditor(s), Internal Audit Department, IT Department, Staff members and any other party. This includes analyzing the incident, outlining reasons, specifying and implementing resolution after obtaining necessary approvals and finally updating Security Policy and related Procedures.
• Security Monitoring: Review the security logs and audit trails for the Operating systems, Applications, Communication devices and others, for discrepancies and specific activities.
• Participate in IT projects and new implementations in its early stages and before life implementation, by assessing the security setup and ensuring new systems (Hardware and Software) complies with the approved IT Security Policy and Control Procedures.
• Participate in Business Continuity Planning, and ensure contingency plan is periodically tested and updated by IT Department.
• Assess security-monitoring tools including Intrusion Detection Systems (IDS), Firewalls, Audit trail systems and others.
• Update IT Department with security breaches reported by system vendors, and ensure recommended solutions are tested and implemented to minimize the risk of exploiting existing vulnerabilities.
• Promote IT Security awareness throughout the company using different techniques including training sessions, circulars, Confidentiality statements and others.
تفاصيل الوظيفة
| 2014-04-28 | تاريخ الإعلان عنها: |
| الرياض, المملكة العربية السعودية | منطقة الوظيفة: |
| غيرذلك | الدور الوظيفي: |
| صناعة | قطاع الشركة: |
المرشح المفضل
| متوسط الخبرة | المستوى المهني: |
| ذكر | الجنس: |
| بكالوريوس/ دبلوم عالي | الشهادة: |
تقدم الآن - وظائف في السعودية - وظائف في جدة, المملكة العربية السعودية - وظائف في الرياض, المملكة العربية السعودية - وظائف غيرذلك في السعودية - بحث عن جميع الوظائف
http://ift.tt/1hGju6t
