Assistant IT Manager (Security & Compliance)Collaborate with the security consultancy firm to develop IT/OT security policies and procedures based on ISO 27001 standards.
Ensure policies align with the organization's needs and compliance requirements.
Conduct regular audits and assessments to ensure compliance with ISO 27001 and other relevant standards.
Develop and implement governance frameworks and SOPs to ensure data security and compliance.
Review all gap assessments to identify vulnerabilities and areas of non-compliance.
Develop and execute remediation plans to address identified gaps.
Understand the organization's IT business operations to ensure security measures are integrated seamlessly.
Work closely with IT teams to implement and manage security solutions that support business objectives.
Identify potential security risks and develop strategies to mitigate them.
Monitor and respond to security incidents, conducting root cause analysis and implementing corrective actions.
Develop and deliver security awareness training programs for employees.
Promote a culture of security within the organization.
Serve as the primary liaison between the organization and the security consultancy firm.
Coordinate with other departments to ensure alignment on security and governance initiatives.
Job Requirements:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A Master's degree is preferred.
Minimum of 7-10 years of experience in IT security and governance, with a strong focus on compliance.
Proven track record of developing and implementing IT security policies and procedures at a senior level.
Experience working with security consultancy firms.
Skills
Knowledge of IT business operations and integration of security measures.
Extensive knowledge of ISO 27001 standards and compliance requirements.
Knowledge of Operation Technology in automation and control system and IEC62443.
Relevant certifications such as CISSP, CISM, CISA, or ISO 27001 Lead Implementer/Auditor are highly preferred.
Superior analytical and problem-solving skills.
Ability to conduct comprehensive investigations and root cause analysis.
Exceptional verbal and written communication skills.
Ability to clearly articulate security concepts and strategies to both technical and non-technical stakeholders, including top management.
Proven leadership skills with the ability to drive security initiatives and foster a security-first culture.
Strong ability to work effectively with cross-functional teams and third-party consultancy firms.
Strong project management skills, with experience leading complex security projects from inception to completion.
Ability to think strategically about the organization's security needs and develop long-term plans to meet those needs.#J-18808-Ljbffr