IT Security - Risks and Compliance

* Job Purpose
The primary role of IT Risks and Compliance is to ensure proper administration of Information Security and all potential risks that may affect MBAL’s reputation, safety and Information Security are managed properly.
This role is expected to provide a better assessment of IT risks policies and procedures in order to protect, detect, respond and recover, and to avoid threats, exposures, reduce or transfer risks and/or mitigate the impact.
* Key Responsibilities
The IT Security Admin and Risks Compliance have the following responsibilities:
•Performs the overall administration of core IT Security systems within MBAL.
•Ensures appropriate systems are properly configured, updated and working appropriately to detect potential threats and security incidents.
•Conducts IT risk assessment, which involves analyzing risks as well as identifying, describing and estimating the risks that may affect MBAL organization.
•Participates in the review of investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities.
•Provides support, education and training of to all employees in terms of IT Security risk awareness within the organization.
•Involve in risks assessment and management of cyber security incident response process from detection till system restore and incident closure.
•Participates and helps in the definition of IT Security framework and associated IT Security Policies and Procedures (P&P).
•Ensures compliance with Data Privacy law such that MBAL’s confidential data as indicated in existing Information Handling policies of MBAL are protected from possible exposures, leakage and/or unauthorized access
•Ensures implementation of approved IT Security policies and compliance to all MBAL employees.
•Performs annual (or as needed) security review in terms of user access, infrastructure capabilities, and further IT security improvements.
•Conducts audits of IT Operations to ensure compliance with existing IT Security policies and procedures as approved by MBAL ExCo.
•Liaise with internal and external auditors, and business partners in terms IT Security review, gap assessment and audits.
•Ensures IT Operational Risks are managed and/or mitigated and that all existing IT security infrastructure is abreast with latest technology and industry standards.