Apply defense-in-depth concepts and information security controls (Administrative, Technical, Physical, Operational, Deterrent, and Compensating controls) within day-to-day security activities.
Support compliance activities related to information security frameworks and standards such as PCI TSP, PCI PIN, SOC2 Type II, and ISO27001.
Perform PCI-DSS control activities and execute the relevant periodic compliance tasks.
Support the implementation of controls under the CBE Cyber Security Framework.
Manage and track audit missions and give stakeholders the support they need to carry out the remediation plan.
Develop and review information security and corporate policies and processes to ensure alignment with information security standards and regulations.
Execute and support the information security awareness program, including security awareness training, phishing simulation campaigns, and security awareness sessions.