Job / Position Details:

JOB CODE:
8169-1
JOB TITLE
LOCATION
DEADLINE
Chief Manager - IT Risk
Karachi
December 18, 2022
The employment will be on contractual basis for three years, which may be renewed on discretion of the Management based on company’s requirement and individual’s performance.
JOB DETAILS:
Qualification & Experience:
Bachelors in Computer Science with 10 years of experience or MCS with at least 09 years of experience. Cyber security, or related field preferred Certifications in relevant Security and Compliance {CISA, CRISC, CISSP, etc.) preferred
Responsibilities:
    1.
  • Lead the development / implementation of system-wide risk management function of the information security program to ensure information security risks are identified & monitored.
  • Advance the design, delivery, and performance of lT risk metrics and reporting including the Business Impact Assessment, lT Risk Management Framework, and the management of configurations and standards.
  • Internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls, risks involved for the organization's information and technology systems.
  • Lead the system-wide information security compliance program, ensuring lT activities, processes, and procedures to meet defined requirements, policies and regulations.
  • Lead enterprise, network, application, and cloud infrastructure risk assessments while maintaining process and procedural documentation.
  • Manage third-party risk assessments and ongoing monitoring activities for lT vendors.
  • Coordinate and track all lT Risks, information technology and security related assessments including scope of assessment, parties involved, timelines, and outcomes.
  • Must be able to assess computer hardware, software, and systems for security risks or violations and work with staff and technology vendors to recommend solutions.
  • Develop strategies to address awareness and training for all stakeholders as well as technical solutions.
  • Manage a dynamic team while helping them grow in their positions and keeping them motivated and informed of organization's direction.
  • Provide insight and guidance to IT processes and projects to ensure best practices and security standards are maintained.
  • Recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security incidents, decisions regarding risk, and measures for computer and network security.
  • Operate with a high degree of independence with regard to project management activities, including development of project plans and budget/resource estimates.
  • Excellent knowledge and experience of information security, audit, risk management, compliance or risk consulting experience.
  • Knowledge & Experience of securing network technologies, client, and server operating systems.
  • Must be well versed with laws and guidelines affecting Energy / utility entities.
  • Experience responding to, analyzing and communicating information security incidents.
  • Excellent written and verbal communication skills.
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience.

Copyright (c) 2018-2024 Sui Southern Gas Company Limited. All Rights Reserved.