"Softlogic Holdings PLC, is one of Sri Lanka's most dynamic entrepreneur-led consumer driven conglomerates, with industry leadership in six business verticals - Retail, ICT, Healthcare, Financial Services, Automobiles and Leisure. The Group employs over 11,000 people in Sri Lanka and Australia and operates an asset base of over LKR190 Bn to generate an annual turnover of more than LKR 110 Bn.
Softlogic's diverse industry portfolio is a key factor to its ability to create value, providing it with the choice to make investments across a broad spectrum of businesses, wherever it perceives the opportunity to enhance sustainable returns. The Group's representations and strategic alliances with reputed global institutions and large multinational corporations confirm its unparalleled local stature."
- Plan, develop, implement and monitor information security risk, action of remediation, progress of implementation and outcomes.
- Perform monitoring and reviews to assure compliance with risk management strategies and practices are in place and sufficient to safeguard information, underlying systems and infrastructure.
- Development and maintenance of information security policies and undelaying documentation.
- Be a part of the development, maintenance and periodic testing of Technology Disaster Recovery Plan.
- Delivery of the Group Information Security Awareness Program and testing of its effectiveness.
- Contribution through risk control consultancy on implementation projects of new technology developments, changes and acquisitions.
- Coordinate activities related to external security audits, reviews and assessments while providing necessary professional assistance when required to the internal parties.
- Bachelor's Degree in Computer Science or Information Technology from a recognized University/ Institute.
- Knowledge of Information Security, Information Systems Audit and Cyber Security.
- Minimum of 05 years of experience in the similar capacity.
- Having a professional qualification is highly desirable (CISA / CISM / CRISC / CISSP / ISO 27000 Lead Auditor)
- Exposure in different operating systems such as Windows, Unix / Linux.
- Should be able to work with minimum supervision, problem solving skills and capability of engaging in multiple projects simultaneously.
- Remains current on information security risks, trends and emerging technologies.
- Knowledge on legislative and statutory requirements and ISO 27000 and ISO 22301
- Ability to travel when necessity arises to various business locations of the organization.
Apply via SpotJobs
Please click APPLY NOW button to upload your CV via SpotJobs