Information Security Manager - 1582
Full Job Description
Key Responsibilities:
• Develop, implement, and maintain the organization's information security policies, procedures, and standards in accordance with industry best practices and regulatory requirements.
• Establish partnerships with the IT function in implementing technical controls and policy enforcement to provide assurance on the operating effectiveness of the cybersecurity function.
• Conduct regular risk assessments and vulnerability scans to identify potential security threats and weaknesses in the organization's infrastructure, applications, and processes.
• Develop and manage a comprehensive security awareness and training program to educate employees about information security risks and best practices.
• Lead incident response activities, including investigating security breaches, coordinating with internal teams and external partners, and implementing corrective actions to mitigate future risks.
• Collaborate with IT teams and business units to integrate security controls into the organization's systems and applications.
• Stay informed about the latest trends and developments in information security, including emerging threats, technologies, and regulatory requirements.
• Provide guidance and support to IT and business stakeholders on security-related matters, including compliance with data protection laws and regulations.
• Manage relationships with external vendors, consultants, and service providers to ensure the effectiveness of security solutions and services.
• Prepare and present regular reports to senior management and stakeholders on the organization's security posture, incidents, and remediation efforts.
Qualifications:
• Bachelor's degree in computer science, computer engineering, information technology, or a related field. Master's degree preferred.
Experience:
• Minimum 8 years of relevant degree.
Certificates Required:
• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification is highly desirable.
Skillset Required:
• Proven experience in information security management, including policy development, risk assessment, incident response, and security awareness training.
• In-depth knowledge of security frameworks and standards such as ISR, ISO 27001, GDPR, NIST, PCI-DSS, OWASP, and MITRE.
• Strong understanding of network security, encryption, access controls, identity and access management, and security technologies.
• Excellent communication skills, with the ability to effectively convey complex technical information to non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to assess security risks and develop appropriate mitigation strategies.
• Experience managing security projects and initiatives.
• Ability to work effectively both independently and as part of a team in a fast-paced and dynamic environment.
• High level of integrity, professionalism, and commitment to maintaining the confidentiality and integrity of sensitive information.
• Knowledge of information systems cyber security architecture and compliance.
• Knowledge of security risk assessment.
• Knowledge of advanced IT security and IT audit concepts and techniques.
• Knowledge of various operating systems, virtualization, databases, and web/API security.
• Knowledge of IT security solutions such as WAF, FW, IDS/IPS, encryption, EDR, PAM, FIM, NAC, and VPN, and of authentication methods such as multi-factor authentication.
• Knowledge of enterprise physical and virtual data center infrastructure.
• Knowledge of network architecture and the principles of network design and security.
• Knowledge of principles and concepts of establishing and documenting baseline systems performance.
• Ability to ensure compliance related to information security policies.
• Ability to independently compose clear, complete, and concise correspondence and reports.
• Ability to utilize security tools such as Qualys and ASM to identify and report security-related issues.
• Knowledge of both wireless and wired security best practices.
• Ability to review changes to applications, Azure Cloud, IT infrastructure, and security architecture, and provide recommendations.
ECS ME