Develops and manages security for more than one IT functional area (e.g., Applications, data, systems, network and/or Web) across the enterprise. Assists in the development and implementation of security policies and procedures (e.g., user log-on and authentication rules, security breach escalation procedures, security auditing procedures and use of firewalls and encryption routines). Prepares status reports on security matters to develop security risk analysis scenarios and response procedures. Responsible for the tracking and monitoring of software viruses. Enforces security policies and procedures by administering and monitoring security profiles, reviews security violation reports and investigates possible security exceptions, updates, and maintains and documents security controls.
Reviews authorization and access to business application and ensures that it is in line with the role of the staff member.
Involved in the evaluation of products and/or procedures to enhance productivity and effectiveness. Provides direct support to the business and IT staff for security related issues. Educates IT and the business about security policies and consults on security issues regarding user built/managed systems. Represents the security needs of the organization by providing expertise and assistance in all IT projects regarding security issues. Must have extensive knowledge in networking, databases, systems and/or Web operations. Role is involved with Group Head of IT and Heads of Application and Infrastructure Operations in developing enterprise security strategies, management of security projects and complex security issues
Works independently or on multiple IT security projects as a project team member, occasionally as a project leader. Works on small to large, complex security issues or projects that require increased skill in multiple IT functional areas. May coach more junior staff.
Role is independent of the Infrastructure Operations and Applications team with an oversight responsibility on security matters.
Education: Bachelor’s Degree in Computer Science, Information Systems, or other related field.
Certifications - Security +, CISSP , CEH, CISM, GSEC, CCIE (Security With lab) (minimum at least one)