Information Security Manager

Information Security Manager

The Information Security Manager is responsible for leading the security operations and daily activities of the Information Security department. This includes leading a team of engineers, performing IT security assessments, working on IT security design and analysis, and evaluating and analyzing threat and vulnerability. The Information Security Manager must have a strong technical background in information security and be familiar with a variety of security frameworks and technologies.

You will be working within a very modern cloud-based digital native utilizing the latest development and engineering practices.

Responsibilities:

• Lead a small team to perform various business tasks including performance assessments, coaching and salary recommendations.
• Perform IT security assessments for clients (e.g. security risk assessments, IT network infrastructure reviews, system technical configurations review, information security policies and processes/procedures review etc.)
• Work on IT security design and analysis, and business continuity management, SOC 2 assessment and implementation of CIS top 18 Controls measurement.
• Evaluate and analyze threat and vulnerability impact and risk of security issues discovered from security assessments
• Advise clients on security matters including explanation on the technical details and remediation of vulnerabilities
• Review IT projects to ensure alignment of Information Security initiatives
• Utilize proven methodologies to improve our service delivery as an integrated group across incident response and daily activities
• Improve the security of CI/CD Pipelines using shift-left security approaches
• Support the Data Protection Officer in the support of identification and enhancement of solid data processing controls
• Ensure Information Security policies and controls continue to be enhanced over time as the corporation matures and threats evolve
• Function as Incident Response Manager for any cybersecurity incidents that occur

Qualifications:

• Background in Cyber Security or Computer Science/Information Technology with at least 5 years in the domain
• Extensive technical background and knowledge of Ethical Hacking/Engineering
• Knowledge of Linux and server hardening
• Knowledge of SOC 2/CIS TOP 18 or ISO 27001/NIST Cyber Security Frameworks
• Strong knowledge of Amazon Web Services.
• Strong knowledge of incident response
• Excellent command of written and Spoken English.
• Understanding and working knowledge of Agile /SDLC/ Hybrid methodology
• Understanding of SECDEVOPS and CI/CD Pipelines

Benefits:

• Competitive salary and benefits package
• Chance to make a real impact on the security of our clients and our company's systems
• Challenging and rewarding work environment

If you are a highly motivated and experienced information security professional with a passion for protecting our clients data, we encourage you to apply for this exciting opportunity.

Please send your resume and a cover letter to [email protected]