• Jobs at this level are responsible for supporting the technology systems
risk mitigation and security design, implementation and operations for
protection from internal and external threats and assist in the development
of business continuity/disaster recovery contingency plans. Also, they are
responsible for supporting authentication and authorization systems,
databases and applications and managing vulnerabilities/threats and policies
compliance, forensics through development and deployment of technology systems.
• Manage design and integration of technology Risk Management &
Security systems infrastructure, security policies (identity management and
access control solutions etc.), procedures and technical standards.
• Develop and execute Security Programs to enhance business and
organizational excellence and to increase the level of awareness of the
Security function and its significance for the company.
• Develop and standardize tools/methodologies for
publishing/communicating and archiving approved policies and processes to all
• Manage contingency plans and assists in the implementation of BC/DR
(Business Continuity/Disaster Recovery) project phases (planning, execution,
monitoring, controlling, and closing).
• Develop technology systems contingency plans and technical Business
Continuity and (BC) and Disaster Recovery (DR) procedures and aligns them with
IT BC/DR planning business requirements.
• Implement Disaster Recovery (DR) project phases (planning, execution,
monitoring, controlling, and closing)
• Ensure continuous improvement of technology systems and processes by
searching for new tools and processes, which would best suit STC s current
and future requirements.
• Evaluate risks and implement risk mitigation plans based on a defined
risk management approach and methodology.
• Provide early warnings on security threats before it occurs.
• Implement preventive maintenance for security devices and systems and
proactively monitors security logs on systems to mitigate security threats
such as viruses, spams and phishing.
• Work with Security Operation Team (SOC) and Security Emergency
Response Team (SERT), ensuring prompt query resolution and regular monitoring
of the response time.
• Engage with IT Security Forensic Investigation, assisting in forensic
investigations and conducting proactive monitoring and reporting.
• Ensure design, implementation, operation and support for policy
compliance tools, forensic management tools and vulnerabilities/threats
• Formulate Technology Security Management initiatives and ensures
communication and implementation the same.
• Provide professional support on operational work processes, policies
and compliance guidelines pertaining to Technology Security Management.
• Bachelor s degree in Computer Science/Information Technology or
• Master s degree in Computer Science/Information Technology or related
discipline is preferred
• Relevant certification in technology Security (CISSP, CAP, SSCP,
(ISC)2 , CCFP, CISM etc.) is preferred
• Relevant certification in Information Technology Service or
Infrastructure Management (ITSM/ITIL)
Years of Experience
• 6 - 8 years of experience in the technology Systems Security or technology
Risk Management roles, preferably in technology / telecommunication industry
Desired Skills & Knowledge
• Advance proficiency in data collection and analysis
• Advance proficiency in reporting skills
• Advance proficiency in system diagnostic techniques
• Advance proficiency in data processing functions and developing
system data structures
• Advance proficiency in intrusion detection and security investigation
• Advance proficiency in performing risk, business impact, control and
• Advanced proficiency in English language skills