• Engaging with management related to protect information security risk
• Managing Information Systems cyber security, including disaster recovery, database protection and software development
• Working with management to protect information
• Monitoring emerging information and cybersecurity risks and implementing mitigations
• Informing the board and management of information security and cyber risks
• Championing security awareness and training programs
• Participating in industry collaborative efforts
• Reporting significant security events
• Oversee security analytics
• Ensures project milestones are met
• Conduct regular system tests and ensure continuous monitoring of network security
• Establish disaster recovery procedures and conduct breach of security drills
• Promptly respond to all security incidents and provide thorough post-event analyses
• Cultivate security awareness by arranging continuing education of personnel
• Manage and enhance a compliance driven policy and procedure framework
• Contribute to completion of customer security questionnaires

Required Qualifications:

• Minimum of six (6) years of experience in IT related field
• Training and experience in both forensic investigation and incident response
• Bachelor degree in IT, or Computer Science, or Cyber-Security or other technology-related degree
• Experience leading or participating deeply in diverse security control assessments i.e. HITRUST CSF, SOC, ISO, HIPAA etc.
• Excellent analytical skills, the ability to manage multiple projects under strict timelines, as well as the ability to work well in a demanding, dynamic environment and meet overall objectives
• A strong understanding of the business impact of security tools, technologies and policies
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management and business personnel
• In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls
• Excellent understanding of information security concepts, protocols, industry best practices and strategies
• Experience in system technology security testing
• Familiarity in application technology security testing

Preferred Qualifications:

• Security Certifications such as CISSP and/or Certified Ethical Hacker would be beneficial

NA