.Job Contributions and Key Responsibilities: Information Security Governance Executing the Information Security Strategy implementation. Implement, document, and maintain cybersecurity controls. Provide accurate information to deliver security metrics. Develop and maintain the information security policy framework documents. Document Information Security Policy Exceptions. Risk Management Perform risk assessments and address risks to reduce their impact. Document and maintain risk registries. Execute vendor risk assessments. Operate risk remediation activities for cybersecurity risks. Monitor proactively cybersecurity risks. Learn new cybersecurity trends and cybersecurity standards or best practices. Information Security Incidents Monitor and investigate cybersecurity breaches and incidents. Communicate cybersecurity incidents. Follow up post-mortem activities. Document and remediate security incidents. Travel to remediate cybersecurity incidents and events. Compliance Prepare information for security audits performed by the organization or third parties. Maintain legal and compliance requirements registers for IT, Information Security, and Privacy. Awareness Execute the Information Security Awareness Program. Perform Information Security Awareness Tests. Report Information Security Awareness Metrics. Travel to perform information security awareness on-site trainings. Security Operations Monitor and mitigate 365/24/7 security operations events. Assess and remediate current technology architecture for vulnerabilities, weaknesses, and possible upgrades or improvements. Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs. Coordinate the performance of Penetration Testing exercises and Vulnerability Assessments with third parties. Execute and maintain Business Impact Analysis, Business Continuity, and Disaster Recovery plans. Monitor, validate, and mitigate phishing reports. Knowledge: Breadth and depth of cybersecurity knowledge - Basic. Grasps features, functions, and value associated with technology products - Basic. Experience in problem solving, coding, scripting, management and development of applications, and security workflow design - Basic. Deep experience with a variety of industry-leading security products - Basic. Experience developing and administering cybersecurity - Basic. Skills: Operates in complex environments and takes responsibility - Basic. Effectively manages projects - Basic. Identifies and resolves problems in a timely manner. Gathers and analyzes information skillfully. Develops alternative solutions. Works well in group problem-solving situations - Basic. Analytical - Synthesizes complex and/or diverse information. Collects and researches data. Uses intuition and experience to complement data. Designs workflows and procedures - Basic