شرح جایگاه شغلی

• To maintain information security policies, processes and procedures to ensure high information assurance within the MTNIrancell.
• To implement and maintain ISMS, GISP (Group Information Security Program) and NIST Cyber Security Framework Programs including but not limited to:
  • Keeping Asset Inventory and Valuations updated
  • Delivering yearly risk assessment
  • Following implementation of risk treatment plan
  • To follow up to resolve risks and raised audit items
  • Following implementation of Policies and controls
• To perform planned security audits by coordinating related teams and vendors, check enforcement of announced security requirements and report the results to the management
• To define and enforce security checklists for new systems and existing systems operations
• To benchmark the global Security technologies, policies and standards and keep the Cyber Security division updated on latest security trends.
• To develop, implement and enhance the security Awareness Plan and content across the company using different communication channels.
• To measure defined security metrics in ISMS for evaluating security program effectiveness
• To arrange cyber security management review sessions for ISMS effectiveness and follow embedding ISMS processes in ITS and NWG Processes
• To review security architecture and communicate with other cyber security team, ITS and NWG
• To review Data Classification regularly with all divisions, update and complete Data Classification Table and ensure Data Classification and Data Privacy Policies are implemented and enforced.
• To create and update Confidential and Highly Confidential Data Registery.
• To drive implementation and configuration of DLP, DRM and DAM Solutions to protect highly confidential information.
• To implement, maintain and Continually Improve PKI and Centralized Key Management Solutions.
• To execute administration of New Master Key Generation Process.
• To establish Regular Access Review Process on all systems and solutions.
• To apply regular Audits on Access Management Process and Follow fixing identified gaps.
• To ensure all applicable systems are integrated with IAM to provide centralized view on all accesses.
• To act as Access Approval point on accesses to highly confidential data.
• To monitor Accesses to Highly confidential data and ensure all accesses follow defined processes.
• To review Subscriber Data protection controls in details regularly and follow fixing any gaps.
• To Implement and Maintain ISMS, GISP (Group Information Security Program) and NIST Cyber Security Framework Programs including but not limited to:
  • Keeping Asset Inventory and Valuations updated
  • Delivering yearly risk assessment
  • Following implementation of risk treatment plan
  • Following implementation of Policies and controls

حوزه شغلی

دواپس - امنیت - شبکه

علم داده - هوش مصنوعی