Information Security Manager

Overview

Key Responsibilities

• Support the Regional CSO and the Senior Information Security Manager in the definition of the Cyber Defense Strategy.
• Define policy, process frameworks, or/and update them periodically.
• Manage the security tools – vulnerability scanner, policy compliance, source code scanner, cloud security monitoring tools.
• Define or/and update the security KPI, KRI dashboard for presenting to various internal and external committees and maintain them in collaboration with IT Operations and Platform Owners within the acceptable thresholds.
• Govern the deliverables of SOC and maintain the KPI in check.
• Guide the Security Analysts in alerts and investigations as needed mentor the team.
• Ensure the SOC monitors all operations and infrastructure from a Security perspective.
• Support the Senior Manager on areas of risk management, especially around 3rd party risk assurance and assessment functions.
• Respect the annual budget defined for his activities and projects.
• Ensure the achievement of the annual IS Targets (KPIs) agreed.
• Lead the implementation of complex projects related to Information Security and Cyber Defense.
• Collaborate in strategic deliverables on improving protection around crown jewels through data loss prevention and identity and access management program across the organization.
• Ensure compliance with legal and regulatory requirements for Cyber Defense and SOC, adopting the necessary measures according to the local environment.
• Supporting and actively collaborating in other IT initiatives, key transformation projects.
• Work closely with Platform Owners, Architecture team and IT Operations to define Security by Design and Privacy by Design approach from the beginning of the projects.
• Lead and manage all Cyber Defense Governance (Committees, guidelines, correspondents, etc.).
• Operational & technical responsibilities:
• Logical structure thought processing to find sound solutions,
• Drive teams for successful outcomes,
• Design formal Project plans and present to key stakeholders,
• Able to manage transversal teams and project concepts succinctly and concisely,
• Able to focus self and team under pressure for long periods, prioritize important tasks and adhere to tight timelines.

Essential

• Positive attitude and problem-solving mindset
• Supporting organizations best interest first
• Strategic thinking
• Expert knowledge on information and data security
• Seasoned on both Offensive and Defensive Security.
• Strong knowledge concerning Information Technology (Applications, Architectures, Networking, Infrastructures, etc.)
• Good “Timekeeper”
• Open minded to international environment
• Management and leadership skills.
• Team player.
• Good interpersonal relationship and communication skills.
• Excellent English written and spoken communication skills.
• Able to work independently under minimum supervision.
• Ability to make a positive impact in the organization.
• At least a bachelor’s degree in computer science or cybersecurity streams
• International Information Security Standards (ISO 27001, CIS, NIST, etc.)

Desirable

• CISSP, OSCP, GPEN, GCIH, like well recognized certification(s).
• Not mandatory but an advantage on having any cloud specialization like –

o Microsoft Certified: Azure Security Engineer Associate

• o AWS Certified Security – Specialty
• Good knowledge of local laws and regulations with impact in Cybersecurity