GRC

Responsible for ISO 27001 based Information Security Management System implementation and sustenance.

Responsible to assist in review of Information Security controls in areas as: Change management process, Incident management process, Backup process, User identity and access management, Antivirus management, SLA performance and monitoring, Exchange of information, Physical Security

Responsible to assist in developing information assets inventory and classification.

Review & Analyze system generated reports, logs, audit reports, vulnerability test results, and penetration test reports. 

Assess of operating system updated, patches and request configuration changes to tighten security

Ensure the security of traffic that passes through the network

Understand the attack simulation and provide suggestions on improving the enterprise security

Review and analyze the security incidents, emerging threats & alerts that are generated in security device logs

Assists security administrators and IT Team in the resolution of reported security incidents

Analyze the results of security assessments and work with system owners to remediate found issue

Review and maintain risk control matrices.  Assess information security posture, identify the risks in the environment and share solutions to mitigate the identified risk

Assess information security posture, identify the risks in the environment and share solutions to mitigate the identified risk

Assess of user access provisioning and de-provisioning.

Responsible for creating weekly dashboard on the security statuses providing high level review of Information Security to the upper management