Role Purpose
Overall responsibility for planning and implementing policies to protect DCAA’s computer network and data from various forms of security breaches. Also responsible for identifying and resolving vulnerabilities, ensuring that DCAA’s network and data remain secure.
Key Responsibilities
A. Functional:
1. Identifying vulnerabilities in DCAA’s technology network.
2. Developing and implementing a comprehensive plan to secure DCAA’s computing network.
3. Monitoring network usage to ensure compliance with security policies.
4. Keeping up to date with developments in IT security standards and threats.
5. Performing penetration tests to find any flaws.
6. Collaborating with management and the IT department to improve security.
7. Documenting any security breaches and assessing their damage.
8. Educating DCAA’s staff about security systems and best practices for information security.
9. Maintain document management and management review of the IT-related ISO standards implemented in DCAA, namely ISO27001 and ISO20001.
10. Develop and implement information security policies, protocols and procedures, and implement those network security policies in accordance with the standards and policies approved by the competent government organizations.
11. Plan and coordinate security operations, and create reports for management on security status.
12. Ensure the implementation of the fundamentals of a cyber security governance and risk management framework, with standardized processes and tools that enable a best-practice approach for DCAA and optimize its organizational maturity level. This includes reviewing reports on information security incidents and breaches, and investigating and resolving issues.
13. Ensure compliance with non-disclosure and confidentiality agreements, as well as DCAA security policies, to safeguard both government and DCAA confidential information. Address and rectify any ISR audit findings, promptly report security incidents, and engage in ongoing security awareness training to prevent unauthorized access or disclosure.
14. Provide support to the Executive Director Corporate Support and Communication Sector and perform other related duties as may be assigned from time to time.