Analyses the security risks of technologies (data security, identity and access security, cloud, etc.) and security tools and services, and assesses their impacts and makes recommendations;

Controls and validates IT infrastructure and other reference architectures in line with Group IT security standards, and recommends changes to improve IT security and reduce IT risks where appropriate;

Works with the Group’s technical architects and security team to share best practices around IT security;

Works with the business continuity management (BCM) team to validate IT security practices for BCM testing and operations in the event of failover;

Facilitates the modelling of threats to services and applications as part of identified IT risks and the management of related data;

Supervises testing and validation of internal security controls as directed by the CISO or the internal audit team;

Helps to draft and update IT security procedures and stan...