Analyses the security risks of technologies (data security, identity and access security, cloud, etc.) and security tools and services, and assesses their impacts and makes recommendations; Controls and validates IT infrastructure and other reference architectures in line with Group IT security standards, and recommends changes to improve IT security and reduce IT risks where appropriate; Works with the Group’s technical architects and security team to share best practices around IT security; Works with the business continuity management (BCM) team to validate IT security practices for BCM testing and operations in the event of failover; Facilitates the modelling of threats to services and applications as part of identified IT risks and the management of related data; Supervises testing and validation of internal security controls as directed by the CISO or the internal audit team; Helps to draft and update IT security procedures and standards at the request of the CISO (Group or entit...