Develop information security standards, policies and procedures. | Conduct IT risk assessments. |
Conduct vulnerability testing. | Monitor networks and systems. |
Respond to security incidents. | Manage access controls. |
Manage authorization and authentication. | Monitor internal controls related to information security e.g. processes for granting system access. |
Conduct security awareness training. | Support information security audits. |
Manage information security infrastructure. | Manage information security platforms. |
Set encryption policies and standards. | Perform penetration testing. |
Develop and maintain security incident response plans. | Monitor security events and alerts. |
Achieve compliance with information security regulations and standards. | Conduct forensic investigations. |
Procurement of security consulting, services, systems and infrastructure. | Manage security vendors and service providers. |
Conduct physical security assessments. | Develop threat intelligence. |
Oversee patch management and vulnerability intelligence. | Develop and maintain security architecture. |
Perform security reviews of products and vendors. | Security reporting and metrics. |
Manage security-related documentation. | Achieve and maintain information security certifications. |
Develop and maintain system security plans. | Conduct information system security assessments and validations. |
Develop contingency plans. | Develop business continuity plans. |
Develop security test plans. | Deliver security requirements analysis. |
Deliver cryptographic and key management solutions. | Manage and operate secure cryptographic platforms. |
Monitor and protect sensitive information on networks, platforms, systems and documents. | Develop and implement secure development processes. |
Develop, implement and monitor secure maintenance processes. | Coordinate information security efforts across the risk management, architecture, operations and development levels. |