Senior Manager Information Security
País : Colombia
Población : Bogota
Categoría : Logística
Tipo de contrato : Indefinido
Jornada laboral : Completa
Descripción del puesto
- Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.
- Investigates major breaches of security, and recommends appropriate control improvements.
- Contributes to development of information security policy, standards and guidelines.
- Actively maintains recognized expert level knowledge in one or more identifiable specialisms.
- Provides definitive and expert advice in their specialist area(s).
- Oversees the provision of specialist advice by others, consolidates expertise from multiple sources, including third party experts, to provide coherent advice to further organizational objectives.
- Supports and promotes the development and sharing of specialist knowledge within the organization.
- Within given research goals, builds on and refines appropriate outline ideas for research, including evaluation, development, demonstration and implementation.
- Applies standard methods to collect and analyses quantitative and qualitative data.
- Creates research reports to communicate research methodology and findings and conclusions. Contributes sections of material of publication quality.
- Uses available resources to update knowledge of any relevant field and curates a personal collection of relevant material.
- Participates in research communities.
- Supports monitoring of the external environment and assessment of emerging technologies to evaluate the potential impacts, threats and opportunities to the organization.
- Contributes to the creation of reports, technology road mapping and the sharing of knowledge and insights.
- Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
- Provides guidance in defining access rights and privileges.
- Investigates security breaches in accordance with established procedures and recommends required actions and supports / follows up to ensure these are implemented.
- Contributes to digital forensic investigations.
- Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports.
- Maintains current knowledge of malware attacks, and other cyber security threats.
- Creates test cases using in-depth technical analysis of risks and typical vulnerabilities.
- Produces test scripts, materials and test packs to test new and existing software or services.
- Specifies requirements for environment, data, resources and tools.
- Interprets, executes and documents complex test scripts using agreed methods and standards.
- Records and analyses actions and results.
- Reviews test results and modifies tests if necessary.
- Provides reports on progress, anomalies, risks and issues associated with the overall project.
- Reports on system quality and collects metrics on test cases.
- Provides specialist advice to support others.
- Implements stakeholder engagement/communications plan.
- Deals with problems and issues, managing resolutions, corrective actions, lessons learned and the collection and dissemination of relevant information.
- Collects and uses feedback from customers and stakeholders to help measure effectiveness of stakeholder management.
- Helps develop and enhance customer and stakeholder relationships.