The IT Security Officer (ITSO) is responsible for developing,implementing, and maintaining the organisation’s cybersecurity framework,ensuring compliance with security policies, and safeguarding information assets. This role oversees security operations, risk assessments, incidentresponse, access control, and compliance with regulatory and industry standards. The ITSO works closely with internal departments and external partners to ensure a secure digital environment. Key Responsibilities A. Security Governance & Compliance Develop, review, and enforce IT security policies, standards, and procedures. Maintain compliance with regulatory requirements Conduct periodic security audits, vulnerability assessments, and compliance checks. Prepare documentation, reports, and evidence for internal and external audits. Lead awareness programs to promote cybersecurity culture across the organisation. B. Security Operations & Monitoring Monitor security events, alerts, and logs using SIEM, EDR, and other monitoring tools. Conduct threat analysis and respond to suspicious activities. Manage user access rights, privileged accounts, and identity lifecycle. Oversee endpoint protection, patch management, and secure configurations. Perform regular reviews of firewall, network, and application security. C. Incident Response & Recovery Lead cybersecurity incident investigations, triage, containment, and recovery. Maintain and improve the Incident Response Plan (IRP) and Disaster Recovery (DR) procedures. Conduct post‑incident reviews and recommend preventive measures. Coordinate with external cybersecurity vendors and authorities when required. D. Risk Management Perform IT risk assessments and maintain the IT risk register. Identify security gaps, evaluate vulnerabilities, and recommend mitigation strategies. Assess security posture of third‑party vendors and systems. Provide security input for new IT projects, system changes, and application rollouts. E. Project & Advisory Support Wor