Cybersecurity Compliance Officer
Job Description/Key Resonsibilities
The opportunity awaits qualified results-oriented professionals who are interested in joining our Team.
In this regard, G.P.L Inc. invites applications from interested candidates with the requisite qualifications and experience to fill the vacancy of Cybersecurity Compliance Officer– within the Information Technology Division– Sophia, Georgetown
Under the general direction of the Senior Manager -Infrastructure Department, the incumbent will plan, coordinate or implement, review and improve mechanisms protecting computing infrastructure and company data, to achieve secure, resilient information systems, and support the company’s business operations.
KEY RESPONSIBILITY AREAS:
- Planning, data-driven where possible, related to policy, corporate strategy, existing systems, data assets or end-users, and with targets, and the communication of such plans, regarding cybersecurity to achieve secure and resilient information systems.
- Budget proposals for implementation of plans.
- Review of outcomes of any planned actions to improve infrastructure and end-user cybersecurity
- Plan, monitor and report on the implementation and maintenance of CIS Controls for cybersecurity, and any other cybersecurity standard and strategy adopted by the Company.
- Ensure that documentation pertinent to the company’s cybersecurity approach is prepared and kept up-to-date, and related timely working guidance is routinely provided to appropriate Divisional staff.
- Use an asset management-based approach for development planning and disaster response, etc.
- Review systems used to secure the WAN, servers, databases and apps.
- Review systems providing 3-2-1 backup, response preparation and recovery-testing, that offer protection and resilience of existing systems and data.
- Review continuous monitoring and rapid alerting mechanisms used to monitor the status of computing infrastructure.
- Ensure that collection, combination and analysis (real-time and historical) of audit logs, monitoring data, security events, etc. is done automatically, with rapid alerting of relevant IT staff when necessary.
- Ensure or assist systems that provide data security and data integrity are maintained.
- Ensure or assist with a verifiable system of least-privilege infrastructure access management for staff and contractors, with prompt access removal and reporting following the movement of staff, the resignation of staff, the conclusion of contract, etc.
- Implement a system of holding credentials for cybersecurity systems/ services in escrow.
- Implement, coordinate and test an incident reporting and response process, and disaster response and recovery processes.
- Implement a high level of customer service to GPL and other defined users, aided by thorough asset management.
- Implement or assist with the implementation of ITIL best practices for IT Service Management.
- Research and recommend innovative, cost-effective, and where possible automated approaches for improving cybersecurity.
- Change management – implement a view of other departments/ personnel as customers, with work viewed as customer service.
- Perform any other related duties that may be assigned by the Head of Department or divisional executive.
- Knowledge of computer network/ server/ database administration, configuration, troubleshooting and problem analysis and resolution
- Knowledge of DHCP, DNS and other protocols and standards
- Understanding of IT Security
- Familiarity with LAN/ WAN hardware and software
- Written and Verbal Communication
Required Qualifications and Experience
- University Degree in Cybersecurity, Information Assurance, Information Systems, Computer Engineering, Computer Science, or related discipline from a recognised university, PLUS
- A minimum of three (3) years of relevant experience in securing data and communications networks and the development of Information Systems architecture and solutions.
- In addition, the candidate must have one (1) or more of the following or similar certifications: CompTIA Security+, ISACA Certified Information Systems Auditor (CISA), (ISC)2 Certified Information Systems Security Professional (CISSP) or EC-Council Certified Security Analyst (ECSA).
How to Apply
Applications should be submitted to the Human Resources Services Manager, Guyana Power & Light Inc. 257/259 Middle Street, Georgetown or at firstname.lastname@example.org not later than January 24, 2023.