Develop and maintain IT Audit and Risk assessments for departments, under the guidance of our Cybersecurity/GRC Manager
Review impacts of changes pre/post-implementation to our system to maintain or improve our security posture
Evaluate and spread the word on controls and policies to drive compliance, and provide feedback to various security/compliance committees
Develop material and coordinate with vendors on information security training and awareness
Disseminate security communications across the organization as required
Collect evidence for purposes of audit and compliance
Assist with assessing the security posture of third-party vendors and suppliers
Guard Sleek from internal/external threats. Raise and respond to security incidents reported, and communicate with committees to initiate DR/BCP if necessary
Report and track incidents raised in SIEM and other sources
Aid the proper classification and rating of risk items
Initiate regular improvement drives for security across departments
Qualifications
Degree in Computer Science, Information Security, or Information Systems;
At least 5 years of experience in IT security space
Thorough grasp of Python programming basics and optimal methodologies
Good understanding of TRM or equivalent regulatory framework
Familiar with industry standards related to IT Controls – ISO 27001, NIST, OWASP, Cloud Security
Experience with Splunk SIEM is necessary, CASB/XDR tools are a bonus
Strong in analytical thinking with attention to detail
Good communication, written, and interpersonal skills
Security-related certifications are a plus: CISSP, CISM, CRISC, CGEIT, and/or CISA