Conduct risk and gap assessments to identify gaps in existing security governance
Develop, maintain, and review information security policies, standards, procedures, and guidelines aligned with business objectives and regulatory requirements.
Maintaining and improving the security technologies deployed, including creating use cases, customizing or better configuring the tools based on past and current threats.
Develop and maintain data governance and data security
Develop and conduct security awareness training programs
Coordinate internal and external audits, including evidence collection, walkthroughs, and remediation tracking.
Act as a liaison between security, IT, business units, and auditors to ensure consistent understanding of security and compliance requirements. Maintain documentation repositories for policies, procedures, risk assessment...