Reporting to the Project Lead of the Security Risk Assessment and Audit (SRAA) project, the incumbent will assume the following responsibilities:
Key Responsibilities:
- Support the execution of the SRAA process, ensuring ongoing compliance with internal policies and standard operating procedures.
- Organise and implement activities to identify control gaps and mitigate technology risks as part of the SRAA exercise, including evaluating vulnerabilities, testing system resilience, and conducting drills.
- Perform assessments on systems and infrastructure to maintain robust IT risk management.
- Establish requirements for information protection during application, system, and network implementations, in accordance with industry best practices.
- Support IT operations related to governance and assurance, including access management, monitoring, incident response, and reporting, aligning with the objectives of the risk assessment and audit programme.
- Manage the day-to-day operations related to IT risk management, overseeing event monitoring, vulnerability management, and performance optimisation of tools and systems.
- Provide recommendations to management on advancements in technology, emerging threats, and preventive measures through continuous research, contributing to the enhancement of the risk assessment and audit processes.
- Perform any other duties assigned by senior officers.