[What the role is]
[What the role is]The Systems Engineer/Senior Systems Engineer will serve as an internal consultant on information security, providing expert guidance and support in the following areas: Compliance and Governance, Security Consultancy, Risk Identification and Improvement, Policy Development and Communication, Implementation of Security Measures.
[What you will be working on]
[What you will be working on]
- Act as a key member of the ICT Governance Team to ensure security governance, risk assessments, mitigations and acceptances are conducted for ICT systems/services, analyze key security metrics and take appropriate actions.
- Serve as an internal consultant on information security, providing expert guidance and support and ensuring security requirements are properly defined during procurement of ICT systems.
- Conduct policy compliance self-assessments and control measure security reviews to ensure adherence to processes and practices by relevant stakeholders and support regular ICT audits (including Third Party Management audits and exit contract audits).
- Manage the IT Risk and Third-Party Risk Registers, collaborating with relevant teams to assess and remediate ICT risks and vulnerabilities until closure.
- Design, plan, implement, and maintain a Zero-Trust, modern, and secure digital environment.
- Implement, manage, and monitor systems and processes that support ICT governance, risk, and security. This includes Threat Modelling, Identity and
- Access Management, Privileged Access Management, Certificate Management, Data Protection technologies, Vulnerability Management, Incident Management and security monitoring and compliance tools.
- Analyse, develop and communicate the technology deployment process, seek feedback from stakeholders and make continual improvement in the operations phase.
- Support the Agency Chief Information Security Officer (ACISO) in the design, planning, implementation and maintenance of a Zero-Trust, modern and secure digital environment.
[What we are looking for]