CDAITO_ Information Security Assistant Manager

Scope and Purpose

Information Security Senior Assistant Manager operates in close cooperation with the local Information Security Officer (ISO) and with the Head Office teams to ensure the definition of the objectives for the Cybersecurity and Business Continuity Programs and monitors compliance with such objectives.

Specific accountabilities of the Information Security Senior Assistant Manager in support of the local ISO:

• Support for the oversight of the state of information security and cybersecurity and provide periodic reports (at least annually) on the state of information security to /Top management
• Adopt, implement and update Cybersecurity policies, rules, processes and procedures in line with Head Office regulatory Framework
• In reporting to the Top Management, considers to the extent applicable the confidentiality of Nonpublic Information and the integrity and security of Information Systems, the cybersecurity policies and procedures, the material cyber risks, the overall effectiveness of information security and cybersecurity program and possible material cybersecurity events involving the branch
• Work strategically with Head Office to ensure that all aspects of information security and cybersecurity are properly monitored and that security projects and tasks are properly coordinated
• Perform continuous monitoring of Information Security and Cybersecurity programs to ensure compliance with objectives, policies and procedures
• Identify and evaluate changes in local regulations, as well as trends in the Information Security and Cybersecurity sector, such as new products, new attacks and new countermeasures for applicability inside the Branch environment
• Ensure the local execution of Business Continuity activities, including periodical Business Impact Analysis, tests and reporting, in line with the Group model.
• Work with information owners in business units to determine appropriate security objectives
• Monitor network activity for malicious activity
• Monitor and evaluates vulnerability reports, vendor hot-fixes, and vendor patches for applicability to deployed technologies
• Monitor the process of creating, changing, or removing user access across all systems
• Monitor the access control program. Ensure that all appropriate documentation pertaining to the recording of account creations, deletions, and permissions are correctly maintained and approved
• responsible for the Cybersecurity and Business Continuity Training Programs

Required Experience

• Minimum 2-3 years in the cybersecurity and business continuity management environment, preferably in a Financial Institution
• Experience in developing and Cybersecurity awareness programs

Required Qualifications, Skills and Knowledge

• Bachelor's in computer science, Information Technology or related field • Master's degree a plus • CISSP / CISM certification preferable • Experience in application security, vulnerability management • Solid background in assuring high level of Information Security management and Business Continuity management in an organization • I.T./Info/Cyber Security risk management experience , including application risk classification and application control assessments • Knowledge of financial industry products and related IT platform, a plus