​​Vacancies​​

Keyword

Location


Search  
View all  

Specialist, AKU Global IT Security Office

Department

Information Security Office

Entity

Aga Khan University

Location

Karachi, Pakistan

Introduction

The Aga Khan University is a private, international university committed to international standards of excellence in teaching, research and service. Its teaching hospital, the Aga Khan University Hospital has been accredited by the prestigious Joint Commission International for achieving the highest international healthcare standards.

Responsibilities

Reporting to the Senior Manager, AKU Global IT Security. Specifically, you will be responsible to;

  • assist in preparation, assessment and enforcement of information security policies, standards, guidelines and procedures to ensure ongoing maintenance of security for all campuses
  • ensure all IT and Information Security programs and policies are in compliance with applicable privacy and identity theft laws and other regulations such as PCI-DSS, ISO27001 etc.
  • monitor security trends and drive security best practices throughout the organization
  • monitor for security breaches and investigate a violation when one occurs prepare reports that document security breaches and the extent of the damage caused by the breaches
  • evaluate and recommend counter measures against threats to information or privacy globally
  • identify/recommend tools, processes, software, and hardware to improve or replace current security infrastructure practices, services, or technologies used globally to meet future requirements
  • coordinate with internal and external auditors, third party firms and consultants for audits, security risk assessments, vulnerability scans and penetration tests
  • manage and drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits for all campuses and critical practice assessments
  • understands the business activities performed by AKU, and based on this understanding, suggests appropriate information security solutions that adequately protect these activities AKU- wide
  • participate in planning and implementation of AKU-wide security awareness and education programs that are aligned with global security policy, standards, regulatory requirements, and industry practices
  • identifying information security weaknesses and/or gaps in the current operations and working with other teams to bring information security operations up to standards AKU wide
  • work with other departments such as internal audit, legal and vendors to supervise AKU-wide information security requirements are incorporated into the rollout of new systems
  • review of audit logs for critical applications, databases, OS and networks
  • provide support and guidance to internal users when they need to learn about new security products and procedures
  • work with the Technology team to manage threat protection strategies to include all layers of Information Security strategies such as firewalls, patching, anti-virus, log monitoring, data backup, disaster recovery, etc.
  • organize and conduct organization wide Information Security awareness programs and campaigns. 

Requirements

  • Master’s degree in Computer Science, Information Technology, Information Security or related field
  • 5 - 7 years of hands-on experience in IT and Information Security Management.
  • possession of standard certifications including CISSP, CISM, CISA, strongly preferred
  • prepare, assess and enforce information security policies, standards, guidelines and procedures to ensure ongoing maintenance of security for all campuses
  • strong knowledge of Information Security and technology standards including but not limited to ISO 27001, COBIT, ITIL, HIPAA etc.
  • evaluate and recommend new global information security technologies and counter measures against threats to information or privacy globally
  • ability to administer incident response planning and investigation process of security breaches globally, and facilitate the management with disciplinary and legal matters associated with such breaches as necessary
  • ability to perform information security risk assessments, critical practice assessments and identify information security weaknesses and/or gaps in the current operations is a must
  • knowledge of Business Continuity Planning, IT Disaster Recovery, auditing, and risk management, as well as contract and vendor negotiation
  • ability to manage and drive remediation efforts related to information security; remediation may be from incidents, penetration tests, vulnerability scans, internal/external audits for all campuses and critical practice assessments
  • understands the business activities performed by AKU, and based on this understanding, suggests appropriate information security solutions that adequately protect these activities AKU-wide
  • ability to work with other departments and vendors to supervise AKU-wide information security requirements are incorporated into the rollout of new systems
  • work with a diverse group of individuals in a collaborative team environment
  • must be highly analytical and effectively able to troubleshoot and prioritize needs, requirements and other issues
  • aside from technical skills; excellent communications, teamwork, leadership and conflict management skills.

To Apply

Please Apply Online

 

Applications should be submitted latest by September 12, 2021