Head Of It Risk And Security
Current• Create and execute the Cybersecurity roadmap along with reviewing security policies, changeControls and incident response plans, DR/BCP plans and ensuring that they are regularly tested.• Managing SIEM, EDR, email security, VA, Pentest, Bug Bounty, DC/Cloud security incidents including reviewing investigations after breaches or incidents, including digital forensics.• Performing simulated phishing campaigns and security awareness training as well as ongoingCommunication to staff of cyber security policies and procedures.• Maintaining regulatory compliance to all relevant and applied standards (e.g. SOC2, APRACPS234, ISO 27001 & PCIDSS).• Constantly update the cyber security strategy to reflect changing laws and applicable regulations, and to leverage new technology and threat information.• Communicate best practices and risks to all parts of the business along with managing third party risks.• Ensure that our vendors and IT contractors are compliant with their risk and security responsibilities.• Running monthly risk forums & ensuring that systems are regularly patched and hardened.• Implemented Digital Forensics and Incident Response service.• Ensure that any security vulnerabilities that have been raised are mitigated, coordinating between stakeholders and technical resources where needed.