Cybersecurity Compliance Officer

The opportunity awaits qualified results-oriented professionals who are interested in joining our Team.

 In this regard, G.P.L Inc. invites applications from interested candidates with the requisite qualifications and experience to fill the vacancy of Cybersecurity Compliance Officer– within the Information Technology Division– Sophia, Georgetown

Under the general direction of the Senior Manager -Infrastructure Department, the incumbent will plan, coordinate or implement, review and improve mechanisms protecting computing infrastructure and company data, to achieve secure, resilient information systems, and support the company’s business operations.

 KEY RESPONSIBILITY AREAS:

1.  Planning, data-driven where possible, related to policy, corporate strategy, existing systems, data assets or end-users, and with targets, and the communication of such plans, regarding cybersecurity to achieve secure and resilient information systems.
2. Budget proposals for implementation of plans.
3. Review of outcomes of any planned actions to improve infrastructure and end-user cybersecurity
4. Plan, monitor and report on the implementation and maintenance of CIS Controls for cybersecurity, and any other cybersecurity standard and strategy adopted by the Company.
5. Ensure that documentation pertinent to the company’s cybersecurity approach is prepared and kept up-to-date, and related timely working guidance is routinely provided to appropriate Divisional staff.
6. Use an asset management-based approach for development planning and disaster response, etc.
7. Review systems used to secure the WAN, servers, databases and apps.
8. Review systems providing 3-2-1 backup, response preparation and recovery-testing, that offer protection and resilience of existing systems and data.
9. Review continuous monitoring and rapid alerting mechanisms used to monitor the status of computing infrastructure.
10. Ensure that collection, combination and analysis (real-time and historical) of audit logs, monitoring data, security events, etc. is done automatically, with rapid alerting of relevant IT staff when necessary.
11. Ensure or assist systems that provide data security and data integrity are maintained.
12. Ensure or assist with a verifiable system of least-privilege infrastructure access management for staff and contractors, with prompt access removal and reporting following the movement of staff, the resignation of staff, the conclusion of contract, etc.
13. Implement a system of holding credentials for cybersecurity systems/ services in escrow.
14. Implement, coordinate and test an incident reporting and response process, and disaster response and recovery processes.
15. Implement a high level of customer service to GPL and other defined users, aided by thorough asset management.
16. Implement or assist with the implementation of ITIL best practices for IT Service Management.
17. Research and recommend innovative, cost-effective, and where possible automated approaches for improving cybersecurity.
18. Change management – implement a view of other departments/ personnel as customers, with work viewed as customer service.
19. Perform any other related duties that may be assigned by the Head of Department or divisional executive.

 COMPETENCY PROFILE:

• Knowledge of computer network/ server/ database administration, configuration, troubleshooting and problem analysis and resolution
• Knowledge of DHCP, DNS and other protocols and standards
• Understanding of IT Security
• Familiarity with LAN/ WAN hardware and software
• Written and Verbal Communication