IT Security Officer

IT Security Officer (ITSO)

• Develop and maintain IT security policies and action plans, reviewing them at least annually or as required by the Customer.
• Evaluate and recommend IT security products and solutions for implementation within the Customer's IT infrastructure.
• Implement and manage risk assessment methodologies, ensuring compliance with relevant service management requirements and industry standards.
• Develop and implement security management frameworks and governance structures as specified by the Customer.
• Establish and manage IT Security Incident Management processes, including detection, response, and handling of security incidents according to Customer guidelines.
• Collaborate with external partners and suppliers to resolve IT security incidents effectively.
• Participate in and contribute to industry-wide IT security incident response simulations and technical assessment exercises.
• Conduct forensic investigations when required, including secure disk image acquisition and analysis within specified timeframes.
• Monitor, analyse, and report on emerging security threats, vulnerabilities, and solutions relevant to the Customer's IT infrastructure.
• Conduct regular meetings with key stakeholders to highlight security issues and propose improvements to the Customer's IT infrastructure.
• Liaise and coordinate with external suppliers, security organisations, and the Government on IT security matters related to the Customer's infrastructure.
• Perform additional activities as necessary to secure the Customer's I infrastructure.
• Review and follow up on security reports generated from central security tools, providing timely updates to the Customer.
• Manage the inventory of IT assets to be monitored by central security tools, ensuring compliance and proper onboarding of servers, networks, and databases.

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
• Proven experience in IT security, with a focus on infrastructure security
• Strong understanding of information security principles, best practices, and relevant regulations
• Experience with a range of security tools and technologies
• Familiarity with forensic investigation techniques and tools
• Excellent analytical and problem-solving skills
• Strong written and verbal communication skills
• Ability to work effectively both independently and in a team environment
• Experience in liaising with external partners and suppliers on security matters

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• GIAC Certified Incident Handler (GCIH)