Develops and maintains cybersecurity plans, strategy, and policy to support and align with organizational cybersecurity initiatives and regulatory compliance.
Roles & Responsibilities:
- Knowledge of computer networking concepts and protocols, and network security methodologies.
- Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
- Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
- Knowledge of cybersecurity and privacy principles.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of specific operational impacts of cybersecurity lapses.
- Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- Knowledge of the nature and function of the relevant information structure (e.g., National Information Infrastructure).
- Knowledge of the organizations core business/mission processes.
- Knowledge of applicable laws, statutes, guidelines and procedures.
- Knowledge of full spectrum cyber capabilities (e.g., defence, attack, exploitation).
- Knowledge of strategic theory and practice.
- Knowledge of emerging technologies that have potential for exploitation.
- Knowledge of industry indicators useful for identifying technology trends.
- Knowledge of external organizations and academic institutions with cyber focus (e.g., cyber curriculum/training and Research & Development).
- Knowledge of current and emerging cyber technologies.
- Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)
Education Qualification:
Graduation: Bachelor s in Engineering / Technology / Management/ Computers/Science.
Post-graduation: MBA.
Experience: 2 to 5 years of relevant experience
