As an IT Security Governance Officer, you will establish, monitor, and enforce the framework, policies, and standards that guide an organization's information security practices. In this role, you bridge the gap between IT operations and strategic management, ensuring risks are managed and regulatory compliance is met.
Key Responsibilities
- Policy & Framework Development: Creating and updating security policies, procedures, and standards in alignment with frameworks like ISO 27001, COBIT, or NIST.
- Risk Management: Identifying IT security risks, conducting vulnerability assessments, and developing mitigation strategies.
- Compliance & Audit: Ensuring adherence to legal, regulatory, and industry standards (e.g., GDPR, PCI-DSS, local banking laws) and managing internal/external audits.
- Security Awareness: Developing and promoting training programs to ensure employees understand security risks and policies.
- Quality Assurance: Performing technical security assessments on critical servers and applications.
Qualifications
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- Relevant experience in IT security, compliance, or risk management.
- Certifications such as CISSP, CISM, CISA, or GSEC.