
Conducts security risk analyses on IT projects, ensuring compliance with policies and frameworks. Participates in solution design, assessing security impacts and proposing controls. Validates security requirements in procurement and onboarding of third parties. Conducts phishing simulations, responds to audit requests, and implements security controls. Monitors cybersecurity alerts, participates in incident response, and supports secure development cycles. Creates reports and dashboards, manages the SOC service, and acts as a liaison on cybersecurity issues. Develops and maintains the cyber and IT risk management framework. Identifies, assesses, and prioritizes cyber and IT risks. Defines and monitors treatment plans.