Information Technology Security Engineer

Job Title: IT Security Engineer

Main Purpose of the Job: IT Security Engineer is responsible for developing and implementing

comprehensive IT risk strategies.

Key duties include identifying and analyzing technology risks, recommending mitigation measures,

and ensuring compliance

with legal and regulatory requirements.

KEY

ACCOUNTABILITIES:

Ensure IT Risk Strategy, Risk Appetite and action plans are

formulated/ implemented to meet NIST IT

requirements/expectations which includes formulating

frameworks for Technology Risk Management, Cloud Risk

Management and Cyber Resiliency.

Identify and analyze risks and recommend appropriate

mitigation options.

Escalate the need to change practices to mitigate critical risks

and ensure legal and regulatory compliance.

Reviewing business cases and budget submissions to ensure

that information security requirements are addressed and

adequately resourced.

Propose continuous improvement processes and activities to

ensure quality and relevance of information security

practices.

Defining and implementing performance metrics to evaluate

the effectiveness of information security programs.

Monitor and maintain system confidentiality, integrity and

availability and manage information security crisis/incidents.

Perform control testing to evaluate design and effectiveness,

by adhering to Group standards.

Promote appropriate risk culture, awareness and

organizational change for a more sustainable information

security practices.

Oversee the execution of information security projects in

collaboration with IT, Security, Risk and Compliance and

advise senior management on technology risk & security

practices.

Provide independent views on third party assessments when

necessary.

EXPERIENCE &

QUALIFICATIONS:

Possesses strong knowledge in technology and cyber risks

and regulatory policies like NIST/ISO 27001. Minimum 5-7 years of relevant experience, preferably in

Financial Industry.

Excellent communication and organizational skills.

Have holistic multi-domain knowledge like Enterprise

architecture, Infrastructure, Cybersecurity, Cloud etc.

Understands IT project management lifecycle, to be able to

identify project risks beyond technical risks.

Familiar with emerging technology like Artificial

Intelligence, Quantum Computing etc.

Strong team player with very good interpersonal and

relationship building skills.

Independent, pragmatic and result-orientated with right

attitude and analytical skills.