Assist in developing policies/standards/procedures/guidelines related to Information Security according to the current context of the organization to ensure Dialog runs its business without any interruptions.
Review and incorporate necessary changes to existing policies, standards and procedures based on strategic requirements, BAU requirements, incidents, recommendations given by auditors, MRM outputs, BCP testing and DR drills to further improve the information security controls of the business.
Sustain/maintain ISO 27001, ISO 27701 certifications and maturity of NIST CSF.
Collaborate with stakeholders to track and monitor the implementation of defined policies, standards, guidelines and procedures.
Engage with business and technology leaders to identify cybersecurity threats, vulnerabilities and associated risks impacting the organization.
Manage ISMS internal/external audits and other compliance audits. Perform sample audits to ensure that gaps are closed in line with compliance expectations.
Prepare cybersecurity progress reports, risk assessment reports and KPI progress reports for management and the Board Risk and Compliance Committee.
Identify ways to automate compliance checking and reporting for continuous compliance management.
Manage and track compliance exceptions, assess their risk and update the risk register where required.
Validate security requirements of new solutions/products to minimize information security risks.
SPOC for reviewing and recommending all Dialog-wide legal contracts to establish information security compliance requirements.
Attend to ITSRs (IT Service Requests) to provide IT services conforming to security policies and standards.