Security Planning

N/A

N/A

• Develop resource allocation plans and implement strategies and policies.
• Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls.
• Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems.
• Investigates suspected attacks and manages security incidents.
• Uses forensics where appropriate.

•  Formulate the strategies and policies that are forward-looking and focus on bottom line results.
• Provide advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
• Obtain and act on vulnerability information and conduct security risk assessments, business impact analysis and accreditation on complex information systems.
• Investigate major breaches of security, and recommend appropriate control improvements.
• Contribute to the development of information security policy, standards and guidelines.

• Build actionable organisation strategy plans and policies that are forward-looking, anticipate strategic risks and focus on bottom line results.
• Develop and communicate corporate information security policy, standards and guidelines.
• Contribute to the development of organisational strategies that address information control requirements.
• Identify and monitor environmental and market trends and pro-actively assess impact on business strategies, benefits and risks.
• Lead the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions such as legal and technical support.
• Ensure architectural principles are applied during design to reduce risk and drive adoption and adherence to policy, standards and guideline.
• Direct the development, implementation, delivery and support of an enterprise information security strategy aligned to the strategic requirements of the business