.Purpose & Overall Relevance for the Organization: The selection, design, justification, implementation, and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability, and relevant compliance of information systems with legislation, regulation, and relevant standards.Key Responsibilities:Information Security: Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards. Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis, and accreditation on complex information systems. Investigates major breaches of security and recommends appropriate control improvements. Contributes to the development of information security policy, standards, and guidelines.Specialist Advice: Actively maintains recognized expert level knowledge in one or more identifiable specialisms. Provides definitive and expert advice in their specialist area(s). Oversees the provision of specialist advice by others, consolidates expertise from multiple sources, including third-party experts, to provide coherent advice to further organizational objectives. Supports and promotes the development and sharing of specialist knowledge within the organization.Research: Within given research goals, builds on and refines appropriate outline ideas for research, including evaluation, development, demonstration, and implementation. Applies standard methods to collect and analyze quantitative and qualitative data. Creates research reports to communicate research methodology, findings, and conclusions. Contributes sections of material of publication quality. Uses available resources to update knowledge of any relevant field and curates a personal collection of relevant material. Participates in research communities.Emerging Technology Monitoring: Supports monitoring of the external environment and assessment of emerging technologies to evaluate the potential impacts, threats, and opportunities to the organization. Contributes to the creation of reports, technology road mapping, and the sharing of knowledge and insights.Security Administration: Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures. Provides guidance in defining access rights and privileges. Investigates security breaches in accordance with established procedures and recommends required actions and supports/follows up to ensure these are implemented.Digital Forensic: Contributes to digital forensic investigations. Processes and analyzes evidence in line with policy, standards, and guidelines and supports the production of forensics findings and reports.Penetration Testing: Maintains current knowledge of malware attacks and other cybersecurity threats. Creates test cases using in-depth technical analysis of risks and typical vulnerabilities