Learn More!
Learn More!
Learn More!
Learn More!
Learn More!
Learn More!
Learn more!
Learn More!
Learn More!
Learn More!
Learn More!
Learn more!
Learn More!
Learn More!
Learn more!
Learn More!

Don’t know which product for is made for you?

Try Virtual Help

Senior Officer, Information Security & Infrastructure

IT & Operation | Head Office

Job Overview

The Senior Officer, Information Security & Infrastructure is responsible for supporting the development, implementation, and maintenance of the organization’s information security governance, risk management, and compliance framework. This role ensures the confidentiality, integrity, and availability of information assets in compliance with regulatory requirements and recognized industry standards.

Key Responsibilities

  • Develop, review, and maintain information security policies, procedures, and standards in line with organizational and regulatory requirements.

  • Ensure compliance with applicable laws, regulations, and industry frameworks such as ISO 27001, NIST, and PCI DSS.

  • Support the organization-wide implementation of information security controls and policies.

  • Conduct periodic information security risk assessments and monitor risk mitigation plans.

  • Perform internal security audits and compliance assessments, and track remediation actions.

  • Support incident response activities, including investigation, containment, recovery, and reporting.

  • Develop and deliver information security awareness and training programs.

  • Coordinate with internal teams, vendors, and stakeholders on information security matters.

  • Perform other duties as assigned by the Line Manager.

Job Requirements

Functional Skills

  • Ability to develop information security policies, procedures, and implementation plans.

  • Strong analytical skills in identifying security risks, vulnerabilities, and control gaps.

  • Skill in evaluating data and information quality.

  • Ability to prepare risk treatment, audit, and remediation plans.

  • Strong coordination and communication skills with internal and external stakeholders.

Key Knowledge

  • Knowledge of information security governance, risk management, and compliance practices.

  • Understanding of network security concepts, cyber threats, and vulnerability management.

  • Knowledge of cybersecurity laws, regulations, and data protection requirements.

  • Familiarity with industry standards and frameworks such as ISO 27001 and NIST