مطلوب Information and Technology Security Management Manager لجامعه The American University in Cairo - AUC

Purpose: This job role is to assess and ensure that information and technology processes, solutions and systems to ensure their adequacy from confidentiality, integrity and availability perspectives. This role will lead the contracts, software and hardware risk assessment on the design phase and after go live as well. This role is responsible for finding gaps and vulnerabilities and assign proper owners to remediate them. This position will report the information and technology risk status to management to ensure proper governance.
Principal Accountabilities:
o Build plans to quantitatively and qualitatively assess information and technology risks.
o Conduct Information and technology related risk assessments using different methodologies.
o Evaluate new/current information solutions, processes and systems "hardware and software design from the information and technology risk perspective.
o Design and architect information and technology risk controls across campus.
o Build risk heat map reports for information and risk controls effectiveness and efficiency.
o Assess and update risk management frameworks and methodologies.
o Monitor risk management practices to ensure alignment with the desired enterprise risk profile.
o Report relevant information and technology risk management status to management.
o Performs controls testing for high risk areas to identify risk issues and tracks remediation efforts.
o Draft and update maturity assessments based on relevant frameworks
o Lead the team in finding gaps and vulnerabilities in systems and processes.
o Lead the activity of assessing web, software and code risk adequacy.
o Monitor, deploy and design compliance controls from Information and technology risk perspectives
o Recommend security architecture best practices.
o Lead Change Advisory Board/CAB activities for approving IT changes from information security perspective.