The Governance & IT Security Senior Technician is responsible for executing day-to-day security and governance activities, such as monitoring compliance with security policies, supporting vulnerability management efforts, and conducting IT security assessments.
KEY FUNCTIONS
1. Support the implementation and maintenance of governance frameworks to ensure best practices are applied, following advice from IT Security and Governance Analysts.
2. Assist in developing, implementing, and enforcing policies and procedures to ensure compliance and security across the organization, ensuring compliance after IT tools have been selected.
3. Help manage regular risk assessments to identify potential risks and vulnerabilities, supporting the IT Security Analyst in developing mitigation strategies.
4. Monitor compliance with internal policies and external regulations, assist in audits, and ensure the organization meets all legal and regulatory requirements.
5. Ensure the lifecycle and capacity planning for all security and corporate technology components.
6. Assist in identifying, assessing, and managing vulnerabilities in the infrastructure, working closely with the IT Security Analyst and understanding CSIRT reports.
7. Maintain detailed documentation of governance and security activities, and prepare reports on compliance status, risk assessments, and security metrics.
8. Collaborate with IT Security and Governance Analysts to align security and governance activities.
9. Assist in developing and delivering training programs to educate employees on governance and security best practices, and pursue self-improvement.
10. Identify opportunities for improving governance and security processes, supporting the implementation of improvements to enhance efficiency and effectiveness.
EDUCATION
* University degree in Computer Science, Information Security, Information Technology, or a related field.
* Certifications such as CompTIA Security+, CISA, CISM, CISSP, and ISO 27001 Lead Auditor/Implementer are advantageous.
RELEVANT PROFESSIONAL EXPERIENCE
* 2-3 years of experience in IT security, governance, risk, and compliance, or a related technical role.
* Knowledge of security principles, compliance assurance, IT security, governance, and risk management.
* Basic knowledge of IT infrastructure, network security, incident response, and governance frameworks.
* Familiarity with standards such as ISO 27001, NIST, and regulatory requirements.
OTHER RELEVANT SKILLS OR CHARACTERISTICS
* Ability to maintain accurate records, logs, and documentation essential for compliance and reporting.
* Skill in identifying security risks, analyzing complex data, and troubleshooting security issues.
* Effective communication skills to explain security concepts to technical and non-technical stakeholders.
#J-18808-Ljbffr