The Information Security Governance Officer is responsible for monitoring and reviewing of information security systems logs and controls. Provide Information security solutions to ensure that the bank will be protected and comply with the internal and external information security policies and regulations.
Key Responsibilities:
- Assists the Security Governance Head in developing and implementing information security policies.
- Monitoring and review of all information security systems logs
- Defines and Documents procedures for Information Security related processes in coordination with the ITG QMS, IT Risk Management and other Business units
- Monitors incidences regarding intrusions and violations on mission critical systems and coordinates with ITG, RM and other concerned bank units for the resolution of said incidences
- Sets appropriate levels of access controls, which minimize information security risks yet must allow the Bank's business activities to be carried out without undue hindrance with the CISO, ITG Head and ITG QMS, Risk Management and Business/system Owners.Defines and Documents procedures for Information Security related processes in coordination with the ITG QMS
- Recommends all encryption systems, algorithms , and parameters that assures interoperability, consistency across the bank
- Monitors incidences regarding intrusions and violations on mission critical systems and coordinates with ITG, RM and other concerned bank units for the resolution of said incidences.
- Issues regular advising on banned web sites that pose a security threat to the Bank.
- Establishes documented procedures to ensure that security administrators are reviewed and assessed on a regular basis with regards to their compliance with their security procedures.
- Ensures that all personnel understand the information security and internet policies and the proper use of computing policy , together with the Security Governance Head.
- Maintains appropriate contact and/or membership with related professional associations, specialist security forums and other IT security organizations.
- Work with other bank's governance and compliance units to ensure program alignment between Incident Management, Information security management system.
- Researched the viability and applicability of emerging security and current information on vulnerabilities and controls.
- Performs quality assurance and review of major systems application
- Performs periodic technical security assessment of critical servers
- Monitors market for new information security solutions
- Performs all other duties and responsibilities as may be assigned by immediate TL from time to time
