- Develop and Implement Information Security Policies:
- Review, update, and enforce information security policies and procedures to ensure compliance with ISO standards and regulatory requirements.
- Regularly review and check IT processes, systems, and controls
- Risk Management:
- Identify, assess, and manage information security risks.
- Identify areas of improvement and recommend corrective actions to enhance compliance.
- Work with relevant stakeholders to develop and implement risk mitigation strategies.
- Incident Response:
- Lead the response to information security incidents, conducting investigations and implementing corrective actions.
- Security Awareness Training:
- Develop and deliver security awareness training programs for employees.
- Foster a culture of security consciousness within the organization.
