发布 Dec 30, 2020 6 查看
Royal Airport Services is looking for a qualified Information Security candidate to provide expert advice, support & management on information security related matters throughout the organization including maintaining & continually improving the Information Security Management System (ISMS) in accordance with ISO 27001.
The Information Security Candidate will…
- Identify & mitigate information security risks in line with industry practices, the risk appetite of the business & any legal, regulatory or contractual requirements
- Ensure compliance to legal, regulatory & contractual Information Security requirements & internationally recognized standards are integrated as part of “business as usual” activities
- Ensure all stakeholders operate under similar requirements & conduct appropriate & proportionate due diligence assessments
- Undertake Business Impact Assessments (BIA) and Information Security Management Reviews as necessary across the business – identifying risks, deficiencies, improvements & requirements in operational & technical controls
- Manage & update Information Security policies, standards & operational processes
- Must have a strong background in information technology with a clear understanding of the challenges of information security.
- Excellent analytical and problem-solving abilities to identify and fix security risks. To build understanding and awareness of security issues throughout the organization
- Assess the organization’s security measures, such as firewalls, anti-virus software and passwords, to identify any weak points that might make information systems vulnerable to attack.
- Prioritize security coverage to ensure that strategically important data, such as business information or personal data, receives the highest levels of protection.
- Provide training for employees, explaining security risks and demonstrating good practices, such as using strong passwords and protecting data when they use mobile devices outside the office.
- Set up procedures and automated processes to monitor the status of computers and networks.
Assessing the risks to computer systems and planning to minimize possible threats
- Upgrading existing security systems or designing new ones
- Testing security products and evaluating them
- Simulating security breaches to test procedures
- Making plans for disaster recovery in case security is breached
- Carrying out corrective actions in the event of a breach
- Looking for weak points in the system and securing them
- Ensuring that international and national network security standards are met
- Preparing technical documentation and reports for users and managers.
Experience required
- Min 5 years’ experience in Information Security
- Expert knowledge of ISO 27000 family
- Expert knowledge of Information Security audit
- Graduate with relevant degree
- CISSP / CISA or equivalent Information Security or Systems Audit accreditation
- ISO 27001 Lead Auditor or Implementer
技能
工作详细内容
MENZIES-RAS Pvt Ltd
Menzies-RAS (Pvt.) Ltd. is an ISO 9001:2015 & OHSAS 18001:2007 Certified Ground Handling Company, which right from its inception embarked upon the mission to introduce the best “Ground Handling Practices” consistent with the International Standards. The tenets of best practices in passenger handling, cargo management, ramp operations, baggage handling, equipment reliability, occupational health & safety, security and human resource development are our hall mark.
Ayesha Shaukat
Social Media Marketing Manager
Ivoke
Zubair Anjum
Business Excellence Specialist
Nestle Pakistan
Muzammil Baig
Digital Marketing Manager
IT Services Group
Aqib Irshad
Head of HR, Training & OD
FINCA
Usman Habib
Recruitment & Training Executive
ACS Synergy (Pvt) Ltd.
Ali Aziz
CEO
Shopistan
Mona Sharif
Senior Team Lead
Konext PVT. LTD
Sehrish Azhar
Motivational Speaker & Blogger
Living Upbeat
Zohaib Ali
Marketing Manager
Digital Online Devices
Babar Ahmed Khan
Territory Sales Manager
Engro Foods
