Security Consulting Consultant Accenture Middle East

Responsibilities

• Develop cyber frameworks, policies, processes, procedures, guidelines, and related documentation.
• Review existing and proposed policies and related documentation with stakeholders.
• Develop reporting metrics, KPIs, and dashboards.
• Monitor how effectively cybersecurity policies, principles and practices are implemented in the delivery of planning and management services.
• Ensure that cybersecurity workforce management policies and processes comply with legal and organizational requirements.
• Interpret and apply applicable laws, statutes and regulatory documents to ensure they are reflected in the cybersecurity policies.
• Provide policy guidance to cybersecurity management, staff and users.

Risk Management

• Effectively communicate Cybersecurity risks and posture to senior management.
• Develop risk mitigation strategies to effectively manage risk in accordance with organizational risk appetite.
• Ensure that decisions relating to Cybersecurity are based on sound risk management principles.
• Perform risk analysis whenever an application or system undergoes a major change.
• Provide input to the risk management framework and related documentation.
• Ensure Cybersecurity risks are identified and managed appropriately through the organization's risk governance process.
• Carry out a Cybersecurity risk assessments.
• Work with others to implement and maintain a Cybersecurity risk management program
• Identify and assign individuals to specific roles associated with the execution of the Risk Management Framework
• Establish a risk management strategy for the organization that includes a determination of risk tolerance
• Conduct an initial risk assessment of stakeholder assets and update the risk assessment on an ongoing basis
• Work with organizational officials to ensure continuous monitoring tool data provides situation awareness of risk levels
• Use risk management related tools such as eGRC and monitoring tools to assess risks
• Develop methods to effectively monitor and measure risk, compliance, and assurance efforts.
• Determine and document supply chain risks for critical system elements, where they exist.

Compliance & Regulation

• Analyze the organization's Cybersecurity policies and configurations to evaluate compliance with regulations and organization compliance frameworks
• Recognize patterns of non-compliance with Cybersecurity policies and related documentation to identify ways to improve the documentation
• Periodically review Cybersecurity strategy, policies, and related documents to maintain compliance with applicable legislation and regulation
• Work with stakeholders to resolve Cybersecurity incidents and vulnerability compliance issues
• Develop methods to effectively monitor and measure risk, compliance, and assurance efforts
• Develop specifications to ensure that risk, compliance, and assurance efforts conform with Cybersecurity requirements.
• Monitor and evaluate a system's compliance with Cybersecurity, resilience, and dependability requirements
• Develop Cybersecurity compliance processes and audits for services provided by third parties
• Maintain knowledge of applicable legislation, regulation, and accreditation standards and regularly review these to ensure continued organizational compliance
• Cooperate with relevant regulatory agencies and other legal entities in any compliance reviews or investigations.