Responsible for assisting in the development and implementation of IT security risk management strategies. Develops and implements IT security risk assessments to determine the security risk of potential IT deployments. Makes recommendations based on the outcome of the assessments. Designs enterprise IT security policies to be administered throughout the enterprise. Provides governance over Information Security activities throughout the enterprise. Develops and disseminates training and awareness programs for IT Security.
Job Responsibilities (listed in order of importance and/or time spent)
Assesses IT risks and recommends risk mitigation strategies to management. Ensures that risk identification, analysis and mitigation activities are integrated into life cycle processes within IT Security.
Develops risk assessments to determine the security viability of IT deployments. Works collaboratively gathering the input of IT security departments and provides recommendations to Sr. Management.
Designs and develops security policies for administration throughout IT security.
Provides IT security governance to ensure the establishment of a process for exceptions to policies or procedures. Provides an opinion for the approval process for policy exceptions. Reports significant change in the Companys IT security risk posture to appropriate levels of management on both a periodic and event driven basis.
Develops and disseminates IT security training and awareness programs.
Performs monitoring and reporting of IT Security Risk Management.
Provides project management in the areas of risk management security governance, incident response management, training and awareness, and security policy to ensure the proper policies, procedures, and processes are designed, implemented, and enforced.
Q1 Technologies - 19 months ago