Information Security Section Head - IT Department
Job Purpose
He/she is responsible for managing and overseeing all aspects of the organization’s information security strategy, policies, and practices.
This role ensures that all sensitive information is protected from unauthorized access, vulnerabilities, and potential threats.
The individual in this role will lead the design and implementation of security systems and ensure compliance with regulatory standards, working closely with other IT sections, compliance, and other relevant departments.
Job Responsibilities
- Developing and implementing the company’s information security strategies, frameworks, and best practices to ensure the protection of sensitive data.
- Aligning security strategies with the University’s objectives to manage risk, ensure business continuity, and protect the University’s data and infrastructure.
- Reviewing, assessing, and improving the University's security policies and practices.
- Managing audits and assessments related to security compliance and working to address gaps.
- Leading the development and enforcement of security policies, procedures, and standards across the University.
- Conducting regular risk assessments and vulnerability analysis of the organization’s IT infrastructure, networks, and systems.
- Identifying potential security risks and implementing solutions to minimize vulnerabilities.
- Establishing and monitoring processes to detect, respond to, and recover from security incidents.
- Leading the response to information security breaches, incidents, and vulnerabilities, including coordination of post-incident investigations and reporting.
- Providing ongoing training and awareness programs for employees on information security best practices, ensuring an organizational culture of security awareness.
- Generating regular reports on the organization’s security status for senior management and stakeholders.
Job Requirements
Educational Qualifications
Desired:
- Bachelor’s degree in Information Technology, Computer Science, or Engineering.
- CISSP course is a must.
Preferred:
- ISO 27001 Lead Implementer.
Experience
Desired:
- 5+ years of experience in information security roles.
- Strong experience in security governance, compliance, and risk management.
- Hands-on experience with security technologies such as firewalls, SIEM, IDS/IPS, encryption, and endpoint protection.
- Expertise in network security, endpoint security, and security architecture.
Technical Skills
- Strong understanding of current Cyber Security threats, trends, and mitigation strategies.
- Familiarity with security frameworks and standards such as NIST, COBIT, ISO 27001, and GDPR.
Competencies
Core:
- Interpersonal Skills.
- Collaboration.
- Integrity & Accountability.
- Results Focus.