IT Security Advisor - Risk Identification and Incident Response


PURPOSE OF POSITION:

The IT Security Advisor for Risk Identification and Incident Response will be responsible for the identification, evaluation, and prioritization of global IT security risks for World Vision. These risks, as part of a formal risk registry, will be in alignment with and incorporated into a broader WV Enterprise Risk Management (ERM) framework and methodology.
In addition, this individual will be responsible for the development and oversight of a global incident response plan and strategy.



KEY RESPONSIBILITIES:

    RISK ASSESSMENTS:
  • Works directly with the customers and other internal departments and organizations to facilitate IT risk analysis and risk management processes and to identify acceptable levels of residual risk.
  • Conducts business impact analysis to ensure resources are adequately protected with proper security measures.
  • Assesses potential items of risk and opportunities of vulnerability in the network and on information technology infrastructure and applications.
  • Reviews risk assessments, analyzes the effectiveness of IT control activities, and reports on them with actionable recommendations.
  • Evaluates security risks and identifies and defines compliance strategies in accordance with policies and standards.
  • Provides management with risk assessments and security briefings to advise them of critical issues that may affect customer, or corporate security objectives.
  • Communicates with multiple departments and levels of management in order to resolve technical and procedural IT security risks.
  • Develops remediation strategies to mitigate risks associated with the protection of infrastructure and information assets.
    STRATEGY:
  • Provides strategic and tactical direction and consultation on security and IT compliance.
    POLICIES, PROCEDURES, & STANDARDS:
  • Maintains an up-to-date understanding of industry best practices.
  • Develops, enhances and implements enterprise-wide security policies, procedures and standards across multiple platform and application environments.
  • Monitors the legal and regulatory environment for developments.
  • Recommends manages implementation of required changes to IT policies and procedures.
  • Monitors compliance with security policies, standards, guidelines and procedures.
  • Ensures security compliance with legal and regulatory standards.
    BUSINESS REQUIREMENTS:
  • Engages directly with the business to gather a full understanding of project scope and business requirements.
  • Assesses business needs against security concerns and articulates issues and potential risks to management.
  • Consults with other business and technical staff on potential business impacts of proposed changes to the security environment.
  • Provides security-related guidance on business process.
    SECURITY SOLUTIONS:
  • Works closely with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls.
    OPERATIONS SOLUTIONS:
  • Defines security configuration and operations standards for security systems and applications, including policy assessment and compliance tools, network security appliances, and host-based security systems.
  • Defines and validates baseline security configurations for operating systems, applications, networking and telecommunications equipment.
    INFORMATION/DATA SECURITY:
  • Defines, identifies and classifies information assets.
  • Assesses threats and vulnerabilities regarding information assets and recommends the appropriate security controls and measures.
  • Develops and manages security measures for information systems to prevent security breaches.
  • Consults with clients on the data classification of their resources
  • Provides reports to leaders regarding the effectiveness of information security and makes recommendations for the adoption of new policies and procedures.
  • Develops and implements strategies to align information security with business objectives and goals, protecting the integrity, confidentiality and availability of data.
    SECURITY AUDITS:
  • Performs security audits.
  • Participates in security investigations and compliance reviews as requested by external auditors.
  • Consults with clients on security violations.
  • Acts as liaison between internal audit and IT to ensure commitments are met and controls are properly implemented.
    SECURITY SUPPORT:
  • Assists security operations team in troubleshooting and resolving level-3 escalated security related issues.
  • Authors environmental and support documentation and diagrams.
    BUSINESS CONTINUITY/DISASTER RECOVERY:
  • Develops impact analysis.
  • Assists business partners with the determination of critical business processes and systems.
  • Identifies and coordinates resolution of recovery issues. 
    SECURITY PERFORMANCE MANAGEMENT:
  • Develops measures to evaluate the security programs and modifies strategies as appropriate
  • Analyzes reports and makes recommendations for improvements.
    COMMUNICATIONS/CONSULTING:
  • Serves in an advisory role in application development projects to assess security requirements and controls and ensures that security controls are implemented as planned.
  • Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.
  • Provides input for the development of the security architecture.
  • Informs stakeholders about compliance and security-related issues and activities affecting the assigned area or project.
  • Interfaces with business and IT leaders communicating security issues and responding to requests for assistance and information.​
  • Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.
    VENDOR MANAGEMENT:
  • Works with third party vendors during problem resolutions.
  • Interfaces with third party vendors to evaluate new security products or as part of a security assessment process.​
  • Coordinates with vendors to ensure managed services are implemented and maintained appropriately.
    RESEARCH/EVALUATION:
  • Leads and reviews application security risk assessments for new or updated internal or third party applications.
  • Maintains contact with vendors regarding security system updates and technical support of security products.
  • Assists in cost-benefit and risk analysis.

KNOWLEDGE, SKILLS & ABILITIES:
      REQUIRED:
    • Bachelor’s Degree in Computer Science, Information Systems or other related field, or equivalent work experience.
    • Requires in-depth knowledge of IT security risks and risk management frameworks in addition to global and regional incident response planning and methodologies.
    • A high proficiency level in specific job related skills is required.
    • Typically requires 7 - 10 years of combined IT and security work experience with a broad range of exposure to risk identification and classification.
    • Typically requires 7 - 10 years of combined IT and security work experience with a broad range of exposure to multi-tiered incident response planning and execution.
    • Recommended Security Certification (i.e., Certified Information Systems Security Professional (CISSP), Certified Information Security Manage (CISM), or Global Information Assurance Certification (GIAC).

APPLY NOW
IT Security Advisor - Risk Identification and Incident Response IT Security Advisor - Risk Identification and Incident Response Reviewed by Unknown on 8:09:00 AM Rating: 5

JOBS CATEGORY

Tanzania Kenya NGO JOBS Uganda Best Jobs Consultancy Rwanda ICT JOBS Administrative United Nations Sudan Best Jobs Finance Health - Medical Engineering Ethiopia Education Agricultural Lecturer Human Resources Somalia Media Congo - Kinshasa Legal Jobs Bank Jobs Monitoring and Evaluation Mining World Vision Burundi Procurement African Barrick Gold Accountant Zambia Sales and Marketing US EMBASSY East African Community Mozambique Telecoms Research CARE International Save The Children Plan International Arusha Malawi South Sudan Oxfam Scholarships African Development Bank Finance and Administration SafariCom Aviation The Commonwealth American Embassy Sales Zanzibar Environmental Catholic Relief Services Dar es salaam USAID Operations FHI 360 UNDP Security World Bank Economist TradeMark East Africa Unicef Hospitality Managers International Rescue Committee (IRC) Restless Development Accounting Civil Engineers AMREF Morogoro Utumishi AfDB African Development Bank COOPI - Cooperazione Internazionale Driver - Logistics Path International Mwanza African Union Tigo Jobs Marketing Mbeya Teaching Au African Union PSI Population Services International Pwc PricewaterhouseCoopers East African Breweries North Mara Gold Mine ACTED Djibouti Malaria Consortium Bulyanhulu Gold Mine DFID Driver Buzwagi Gold Mine Jhpiego COMESA FINCA JOBS International Jobs Adeso Danish Refugee Council Kilimanjaro Nairobi Coca-Cola Handicap International Pact International Rio Tinto Solidarités International Tender EGPAF Elizabeth Glaser Pediatric AIDS Foundation Logistics Serengeti Breweries Ltd Nation Media Group Africare Norwegian Refugee Council Samaritan's Purse Chemonics International COUNTRY DIRECTOR ICAP of Columbia University InterShips Precision Air RwandAir Marie Stopes International (MSI) Serengeti Breweries Volunteer Climate Change IGAD Tetra Tech ARD Agriculture Jobs Dodoma Iringa One Acre Fund Project Management Clinton Health Access Initiative (CHAI Technoserve Twaweza East Africa ActionAid Lutheran World Federation SADC Secretariat Tanga Vso International ACDI/VOCA Halmashauri Agha Khan Kenya Commercial Bank World Agroforestry Centre Deloitte East Africa International Organization for Migration (IOM) COMESA Secretariat: Software Engineering Safety and Security Shinyanga Jobs Tanzania Breweries Pathfinder International World Health Organization KPMG TANROADS Tanzania Electric Supply Company British Council Futures Group KCB BANK UN-Habitat WFP World Food Programme Barclays GEITA GOLD MINING TANESCO Electrical Engineer Food and Agriculture Organization GOAL Mombasa Tabora WWF World Wide Fund for Nature Microsoft Tanzania Ports Authority East African Development Bank Family Health International (FHI) IBM EAST AFRICA IntraHealth International Mercy Corps SERIKALINI - GOVERNMENT OF TANZANIA AccessBank Community Development Jobs Data Base Management Google Africa ICAP - TZ KEMRI/CDC Program WaterAid Tanzania Auditor SNV International Stanbic Bank Amnesty Horn Relief Kampala Management Systems International (MSI) Standard Chartered Bank VETA Christian Aid DIAMOND TRUST BANK Helen Keller International Help Age Mtwara Uganda Telecom Airtel Africa Equity Bank Internships Marie Stopes TCRA Web Development B B C WORLD SERVICE Human Rights Kigali Makerere University Nile Basin Initiative Kenyatta University Kigoma Mzumbe University NSSF National Social Security Fund Nile Breweries Limited Tulawaka Gold Mine University of Nairobi kenya Airways Bank of Tanzania Graduates MTN Muhimbili National Hospital Nepad Partners in Health Room to Read SUMATRA UNWOMEN African Wildlife foundation (AWF) KEMRI Kagera Librarian MENTOR Initiative Trainee USAILI - INTERVIEW Uiversity of Nairobi WaterAid International icipe Project CAFOD - Catholic Agency for Overseas Development Egerton University EngenderHealth Goal Ireland Kenyan Banks Lake Victoria Basin Commission Peace Corps TANAPA TASAF Tanzania Social Action Fund Zanzibar University ACB AKIBA COMMERCIAL BANK AGRA Alliance for a Green Revolution in Africa Advans Bank Ethiopian Airlines Freedom House IITA International Institute of Tropical Agriculture Legal Moshi NMB BANK Resolute Tanzania Singida Uganda Uganda National Roads Authority University of Dar es salaam University of Dodoma British High Commission ChildFund EWURA FilmAid International NECTA TPDC Tanzania Civil Aviation Authority (TCAA) United States International University World Concern Aga Khan Foundation CBA Commercial Bank of Africa Ecomist Ernst and Young IUCN International Union for Conservation of Nature International Medical Corps Islamic Relief Kakira Sugar Musoma National Institute for Medical Research OPEN UNIVERSITY OF TANZANIA Relief International TAA Tanzania Airports Authority Trócaire Uganda Revenue Authority VODACOM TANZANIA VSF Belgium Architects Hivos IFC International Finance Corporation Ifakara Health Institute Inoorero University International Commercial Bank Kenya Red Cross Society MADEREVA Medical Oil and Gas Pwani University College SOKOINE UNIVERSITY Tumaini University Water Engineering AWF African Wildlife Foundation Acacia Mining Accounts African Virtual University Altima Africa Ardhi University Bank of Uganda Business Development Concultancy Del Monte Kenya Embassies Kenya Airports Authority Lake Victoria South Water Services Board Mara National Bank of Commerce RECORDS MANAGEMENT JOBS RUKWA Ruvuma Search for Common Ground Songea TTCL Tanzania Telecommunications Company Limited Unilever War Child International Zinduka Afrika ACORD AKU ​Aga Khan University Africa Nazarene University Africa Rice Center (AfricaRice) Aga Khan Health Services CRDB BANK Commercial Bank of Africa Daraja Tanzania Engineers Registration Board (ERB) Fina Bank International Potato Center International Potato Center (CIP) Intrahealth Jomo Kenyatta University Kilimanjaro Christian Medical Centre Kyambogo University Lindi Jobs MCL Mwananchi Communications MUHAS-harvad Moi University NBC BANK National University of Rwanda Ngorongoro Conservation Area Authority Njombe Nuru International Nzoia sugar Company RTI International SUA SOKOINE UNIVERSITY OF AGRICULTURE THE LAW SCHOOL OF TANZANIA TRA Tanzania Revenue Authority Tanzania Postal Bank The Foundation For Civil Society Udhamini wa Masomo Western Union AIR TANZANIA Action Against Hunger (ACF) Agricultural Society of Kenya BRALIRWA Bondo University College Caritas Comoros Concern Worldwide Conservation Jobs Consolidated Bank of Kenya DHL Express Ewaso Ngiro South River Basin Development Authority Geologist Gulf African Bank INSTITUTE OF ADULT EDUCATION Jomo Kenyatta University of Agriculture and Technology Kabale University Kabale University (KAB) Kenya Ports Authority KickStart International MORUWASA Morogoro Urban Water and Sanitation Authority MSH Management Sciences for Health Mumias Sugar Company Nairobi Hospital Nkumba University Rural Electrification Agency SOKINE UNIVERSITY SONGWE STAMIGOLD Stores TACAIDS TARURA TCU Tanzania Commission for Universities Tullow Oil World Lung Foundation (WLF) ALAF Limited Aga Khan Development Network (AKDN) Aga Khan Hospital Air Malawi American Refuge Committee BENKI YA POSTA - TPB BANK BTC Belgian Technical Cooperation Bhttp://www.blogger.com/img/blank.gifank of Tanzania Bioversity International CHF International Customer Service Jobs DANGOTE DIT DAR ES SALAAM INSTITUTE OF TECHNOLOGY Danida Dar es Salaam Institute of Technology Daystar University ECOBANK ETDCO Electrical Transmission and Distribution Construction and Maintenance Company European Union IFM INSTITUTE OF FINANCE MANAGEMENT INSURANCE JOBS - BIMA ITECH Internews® Network KUITWA KAZINI Kenya Accreditation Service Kenya Polytechnic University College Kilombero Sugar Company Kisii University College Kisumu Laboratory Jobs MSD MEDICAL STORES DEPARTMENT MSF Switzerland Management Sciences for Health Manyara Maseno University Ministry of State for Planning Muteesa 1 Royal University Médecins Sans Frontières NIDA National Identification Authority Narok University College OSHA Occupational safety and Health Authority Open Society Initiative for Eastern Africa (OSIEA) PA PAC PEPSI POLICE - POLISI Petroleum EngineerS RWANDA HOUSING AUTHORITY Seychelles Songas TBC TANZANIA BROADCASTING CORPORATION TBS TANZANIA BUREAU OF STANDARDS TFDA TANZANIA FOOD AND DRUGS AUTHORITY TIB - Tanzania Investment Bank Tanzania Mortagage Refinance Company Tanzania Teachers’ Union Transmara Sugar Company Tropical Pesticides Research Institute Tumba College of Technology Twiga Cement UNESCO UNOCHA Umma University University WRP Walter Reed Project ZANTEL ao uga
Powered by Blogger.