Job Summary:
We are seeking an experienced Information Security Manager to lead the development, implementation, and management of our organization’s information security programs. This role involves overseeing security policies, risk management, incident response, and security awareness training. The candidate will collaborate with IT teams and business units to ensure the integration of robust security controls across systems and applications. Additionally, the role includes the development and enforcement of Identity and Access Management (IAM) strategies and ensuring compliance with regulatory requirements and governance frameworks.
Must Have Skillsets (Mandatory):
- Information Security Management: Proven experience in developing and managing information security policies, risk assessments, incident response, and security awareness programs.
- Security Frameworks and Standards: In-depth knowledge of ISR, ISO 27001, GDPR, NIST, PCI-DSS, OWASP, and MITRE.
- Identity and Access Management (IAM): Expertise in IAM strategy development, governance, and enforcement across various platforms (on-premises and cloud).
- Technical Proficiency: Strong understanding of network security, encryption, access controls, security tools (WAF, IDS/IPS, PAM, etc.), and security technologies.
- Regulatory Compliance: Knowledge of compliance with data protection laws and regulations, including risk management and audit reporting.
- Communication and Leadership: Excellent communication skills for conveying complex technical information to non-technical stakeholders and providing guidance to IT and business teams.
- Analytical Skills: Strong analytical and problem-solving abilities, with experience in assessing security risks and developing mitigation strategies.
Good to Have Skillsets (Optional):
- Project Management: Experience in managing security projects and initiatives.
- Cloud Security: Familiarity with cloud platforms (Azure, AWS, Google) and their security frameworks.
- Virtualization and Database Security: Knowledge of virtualization, database security, and advanced IT security concepts and techniques.
- IAM Tools and Methodologies: Experience with IAM tools, Web Access Management, and applying new methodologies to Identity Access Management.
- Internal Audit and Risk Management: Proficiency in drafting risk and audit reports, as well as managing security risk programs.
Qualifications and Experience:
- Education: Bachelor’s degree in Computer Science, Information Technology, or a related field. A Master’s degree is preferred.
- Experience: Minimum of 8 years in information security management, with a focus on IAM, security frameworks, and regulatory compliance.
- Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or equivalent certification is highly desirable.
- Soft Skills: High level of integrity, professionalism, and commitment to maintaining the confidentiality and integrity of sensitive information. Strong ability to work both independently and as part of a team.