Job Description

Key Accountabilities:

• Managing the Risk Management exercise across all Technology domains.
• Managing Technology Risk Management on Fixed Core/PSTN/IPTV/IPT/VOIP/Mobile 2G/3G, IT technology domains compliance to the security standards such as Standard ISO27001 and ITU-X.805 and compliance and submit all findings to senior management of ISRM in agreed format.
• Responsible for communicating the findings to respective technical team and provide advises and guidelines to mitigate the risk.
• To work with the Director - Security Risk Management & Compliance, to ensure that all Risk Management & Security Assessment (internal and external) issues are understood raised with proper remediation plan.
• Provide Risk Management & Security Assessment awareness among Technology Unit to ensure that all technical risk issues are understood and raised with proper remediation plan.
• Ability to effectively control external consultants with a wide range of technical expertise.
• Oversee the strategies employed including transferring the Risks & Observations to another party, avoiding the risk, reducing the negative affect of the risk, and accepting some or all of the consequences of a particular risk.
• Contribute & advise in Strategy formulation and implementation oversight
• Develop automated techniques to provide executive level security risk management dashboard to Technology Unit.
• Developing Risk & Security Assessment methodologies, Risk & Security Assessment plan, and Risk & Security Assessment work program and ensure the quality assurance of Risk & Security Assessment functionality.

Qualifications:

• Minimum Bachelor’s degree in Telecom Engineering, Information Security, Information Systems, CISSP, CRISC, CISA, LA ISO 27001, CEH,
• Desirable: CCNP, MCSE, PMP

Experience:

• Minimum 7 years of experience in information and security Risk Management, corporate governance role in a Telecom (PSTN and GSM, Video and IT) industry.
• Good understanding of Security Risk Management

Skills:

• Take personal responsibility for Risk Management issues.
• Analyze information accurately.
• Display sound judgment. Solve problems.
• Present complex information in an understandable way.
• Influence decision makers.