CYBER RESILIENCE COORDINATOR

Education and work experience:

Higher education (University degree or higher) in IT area and not less than 4 years of work experience as per speciality.

Main functions:

• Developing Cyber Security Awareness and Training in line with KPO Cyber Security Strategy. Managing Cyber Security Knowledge.
• Developing a cyber resilience enhancement strategy. Coordinating cyber resilience activities and functions in line with the KPO strategy. Being responsible for the implementation of Cyber Security Development Programme and Cyber Security Roadmap, including coordinating cyber security projects in close collaboration with Cyber Security Manager and other section heads in Cyber Security Department. Coordinating the business continuity and KPO Emergency Recovery processes from the Cyber Security and IT&T Departments. Coordinating KPO Data Ownership and ECM revision processes with all KPO Departments. Submitting regular strategic reports to the management, DirCom, ConCom, OpCom, parent companies and other stakeholders. 
• Administering the Cyber Security Department's budget planning and resourcing on a daily basis with smooth operations including preparation for budget approval. Liaising with suppliers, contractors, IT&T Budget and Cost Control Team, Contracts and Procurement Department, PSA LLP (authorised body) at all stages of budget, contract and procurement approvals.
• Develop, lead and implement KPO Cyber Security Awareness and Training Campaign to provide employees with a fundamental understanding of information security, cyber threats, secure operations at work and at home, data leakage, ransomware, social engineering, etc. Provide statistics reports on Cyber Security Awareness and Training Campaign to DirCom, ConCom, OpCom, Parent Companies and other stakeholders.
• Coordinate, design and implement a Cyber Security knowledge management process for KPO users. Coordinate a centralized repository to store all critical cyber security documentation, standards, policies and other digital artefacts. 
• Annually review the Cyber Security knowledge management framework for relevance with Cyber Security Manager and make updates as required.
• Implement the Cyber Security Development Programme and Cyber Security Roadmap jointly with the Cyber Security Manager, Cyber Security Department Section Heads. Interact with KPO divisions, parent companies, contractors and other stakeholders as the person responsible for the implementation of the Cyber Security Development Programme. Provide data and prepare project status reports to management for onward referral to DirCom, ConCom, OpCom, parent companies and other stakeholders. 
• Coordinate and properly execute the Department's information security projects. Provide methodological support from the project management office (PMO) to other Cyber Security Department Section Heads. Coordinate Cyber Security Department projects in terms of allocating resources to projects, maintaining project documentation, coordinating suppliers for project implementation, and completing projects on time and within budget. Regularly report the project status to the Cyber Security Manager. 
• Coordinate and administer the KPO Business Continuity Planning process on the part of the Information Technology and Telecommunications and Cyber Security Departments. Be responsible for maintaining the BCP Portal and related processes. Conduct testing to evaluate the effectiveness of the business continuity process for overall compliance with cyber security frameworks and policies. Jointly with the Corporate Governance Directorate, conduct BCP/DRP tests for vulnerability absence on the part of Information Technology and Telecommunications and Cyber Security Departments. 
• Develop and manage the emergency recovery planning process for KPO systems. Be responsible for the preparation and continued maintenance of annual emergency recovery plans. Ensure that KPO Emergency Recovery Instructions are up to date. 
• Coordinate the Data Ownership (DO) review process for common areas and applications/systems. Supervise the ECM (electronic document management) validation process. Learn cybersecurity best practice rules and standards to ensure that data ownership review processes are aligned with identity and access management. 
• Keep the Cyber Security Manager and relevant parties regularly informed of the cyber resilience metrics/key performance indicators (KPIs). 
• Be responsible for the process of providing information to auditors and handling audit findings within the Cyber Security Department related to cyber resilience, cost budget allocation, project management, data ownership, business continuity and emergency recovery planning process, etc. 
• Be responsible for preparing and administering the Cyber Security Department's budget. Advise the Cyber Security Manager on the assessment of the cyber security budget and ensure the budget is ready to be submitted for review. When necessary, participate jointly with the Cyber Security Manager in technical meetings with PSA LLP (authorised body representatives) and other relevant stakeholders to agree the Cyber Security budget. 
• Organise and coordinate the management of the Cyber Security Department's assets including services, hardware, software, subscriptions, etc. and ensure they are allocated in accordance with the approved budget. Operate the organisation's accounting and inventory systems and update associated documentation. Liaise with Contracts and Procurement Department, contractors, suppliers in accordance with KPO procedures and contractual terms and conditions. 
• Be responsible for accounting for the actual operating expenses and financial reporting of the Cyber Security Department. Liaise with IT&T Budget and Cost Control Section, Finance Directorate in accordance with KPO procedures. 

Necessary knowledge and skills:

• Intermediate (B1) English level is an advantage on this role;  
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, and The National Institute of Standards and Technology (NIST).
• Understanding of Information Technologies systems, knowledge of operating systems, telecommunications, databases, applications, etc.
• Cyber security education, awareness and training standards, methodologies and frameworks. Cyber security related laws, regulations and legislations.
• Cyber security recommendations and best practices. Cyber security standards, methodologies and frameworks. Cyber security controls and solutions.
• Knowledge of budget preparation, tracking and its performance review processes.
• Methods of documentation preparation and indication of accounting transactions in invoices connected with assets inventory holdings and funds.
• Project management knowledges including frameworks, methodologies, processes;
• Strong leadership skills and the ability to work effectively with business managers and IT teams.
• Experience with contract and vendor negotiations and management including managed services.
• Strong decision-making skills, problem solving and excellent analytical ability.
• Excellent prioritization skills to meet deadlines, manage workload effectively, use time wisely and avoid distractions, adapt to changes and re-evaluate priorities in time.
• Ability to lead and manage technical personnel.
• Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.
• Ability to prioritize and complete work to given quality standards by agreed-upon deadlines.
• Excellent written and verbal communication skills