Develop information security standards, policies and procedures.
Conduct IT risk assessments.
Conduct vulnerability testing.
Monitor networks and systems.
Respond to security incidents.
Manage access controls.
Manage authorization and authentication.
Monitor internal controls related to information security e.g. processes for granting system access.
Conduct security awareness training.
Support information security audits.
Manage information security infrastructure.
Manage information security platforms.
Set encryption policies and standards.
Perform penetration testing.
Develop and maintain security incident response plans.
Monitor security events and alerts.
Achieve compliance with information security regulations and standards.
Conduct forensic investigations.
Procurement of security consulting, services, systems and infrastructure.
Manage security vendors and service providers.
Conduct physical security assessments.
Develop threat intelligence.
Oversee patch management and vulnerability intelligence.
Develop and maintain security architecture.
Perform security reviews of products and vendors.
Security reporting and metrics.
Manage security-related documentation.
Achieve and maintain information security certifications.
Develop and maintain system security plans.
Conduct information system security assessments and validations.
Develop contingency plans.
Develop business continuity plans.
Develop security test plans.
Deliver security requirements analysis.
Deliver cryptographic and key management solutions.
Manage and operate secure cryptographic platforms.
Monitor and protect sensitive information on networks, platforms, systems and documents.
Develop and implement secure development processes.
Develop, implement and monitor secure maintenance processes.
Coordinate information security efforts across the risk management, architecture, operations and development levels.