IT project controller

• Develop, implement and continuously improve the information security assurance framework consisting of vulnerability assessments and penetration tests (applications, servers and network systems) based on OWASP & OSSTMM practices and ensure the program is executed on periodic basis.• Perform investigations relating to suspected breaches of information security policies and standards or security compromise.• Monitor and continuously review systems on an on-going basis, for the compliance with the information Security Policies, procedures and standards and initiate corrective actions in the event of any violations.• Ensure all the identified security weaknesses and risks are managed through their life-cycle from identification to resolution to verification and closure through the Information Security Risk Tracking system and provide appropriate visibility of the same to the Management.• Keep abreast of new exploits, threats and security risks in the industry and the region. Monitoring of network and systems against these, to promote awareness to IT operations team to action immediate improvements or containment.• Provide regular summary reports to management on the risk status and the potential and likely impact as gathered from assessments, reviews, investigation and risk mitigation validation.