To develop & maintain information security handling solutions & processes. The successful candidate will directly interact with business stakeholders to prevent and/or coordinate response to cyber-threats.
As a member of the Information Security Practice, you will be responsible for leading, managing & coordinating all aspects of information security incident response with the stakeholders. The stakeholders include a broad range of roles within the organization from operational support personnel through to the top tiers of management. - Coordinate and drive efforts among multiple business units during response activities and post-mortem activities - Provide expertise and technical analysis leadership during major investigations - Provide analytical skill for detecting and investigating cybersecurity incidents - Lead the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure - Proactively research & monitor security-related information sources to aid in the identification of threats - Routinely develop and update incident response process to ensure response activities align with best practices and provide comprehensive mitigation of threats - Provide advanced technical skills to support stakeholders in identifying and eliminating security risks, threats, and vulnerabilities - Perform regular process compliance checks with the various process owners within SITA - Ensure supporting systems are maintained in compliance to information security standards
5 years of experience of information security incident handling or compliance, including the development, implementation and operation technical security solutions that support the role. - 3 years of experience in IT Security management including the ability to articulate between sr. leadership & technical teams on information security subjects. - 5 years of IT and security experience with exposure to a broad range of security topics and technologies, including networking, firewalls, Windows, Linux, AIX. - 3 years of experience in applying industry standard information security frameworks such as PCI, NIST, ISO2700 would be an asset -Experience of working in the airport and/or airline industry would be an asset