To ensure and support Information security operations and protect ENEC's internal systems and coordinate between the various ENEC functions. Moreover to ensure that security controls are maintained and under compliance of the existing Information Security Standards applied within ENEC. Activity: Information Security Responsibility:

• Obtains and acts on vulnerability information and conducts security risk assessments for business applications and computer installations;
• Provides authoritative advice and guidance on security strategies to manage the identified risk.
• Investigates major breaches of security, and recommends appropriate control improvements.
• Interprets security policy and contributes to development of standards and guidelines that comply with this
• Performs risk assessment, business impact analysis and accreditation for all major information systems within the organization.
• Ensures proportionate response to vulnerability information, including appropriate use of forensics.

Activity: Information Assurance Responsibility:

• Provides authoritative advice and guidance on Information assurance architecture and strategies to manage identified risk.
• Familiar with major legislation relevant to security of information.
• Interprets security and assurance policies and contributes to development of standards and guidelines that comply with these.
• Uses testing to support information assurance.

Activity: Availability management
Responsibility:

• Provides advice, assistance and leadership associated with the planning, design and improvement of service and component availability, including the investigation of all breaches of availability targets and service non-availability, with the instigation of remedial activities.
• Plans arrangements for disaster recovery together with supporting processes and manages the testing of such plans.

Activity: Asset Management Responsibility:

• Controls IT assets in one or more significant areas, ensuring that administration of the acquisition, storage, distribution, movement and disposal of assets is carried out.
• Produces and analyses registers and histories of authorized assets (including secure master copies of software, documentation, data, licenses and agreements for supply, warranty and maintenance), and verifies that all these assets are in a known state and location.
• Ensures that there are no unauthorized assets such as unlicensed copies of software.

Activity: Security and Administration Responsibility:

• Drafts and maintains the policy, standards, procedures and documentation for security.
• Monitors the application and compliance of security operations procedures and reviews information systems for actual or potential breaches in security.
• Ensures that all identified breaches in security are promptly and thoroughly investigated.
• Ensures that any system changes required to maintain security are implemented.
• Ensures that security records are accurate and complete.
• Security management (including network security, identity management, security events and incidents)
• To conduct security researches to keep abreast of latest security issues and ensure that ICT is briefed accordingly.
• To participate in the planning and the implementation of all computing and network infrastructure projects (i.e. upgrades, enhancements, etc.) to ensure compliance with the IT Security architecture.

Activity: Continuity management Responsibility:

• Owns the service continuity planning process and leads the implementation of resulting plans.
• Coordinates the identification by specialists across the organization of information and communication systems which support the critical business processes, and the assessment of risks to the availability, integrity, and confidentiality of those systems.
• Evaluates the critical risks associated with these systems and identifies priority areas for improvement.
• Coordinates the planning, designing, testing of maintenance procedures and contingency plans to address exposure to risk and ensure that agreed levels of continuity are maintained.

Activity: HSE Responsibility:

• Ensure compliance to all relevant health, safety and environmental management policies, procedures and controls across the Division/Department/Section by delivery of the HSE Management Program to guarantee employee safety, legislative compliance, delivery of high quality service and a responsible environmental attitude

Skills