The Infosec Manager, reporting to the Director of Information Security, will develop approaches to address critical security issues while assisting with delivery of security services and leading governance, risk management and compliance initiatives.
The successful candidate will have good level of expertise in multiple information security domain areas such as security operations, network security, asset security and security engineering. This is an interesting role where this security leader,
acting as the face of the information security department, will champion information security agenda and assist with the
interpretation of security standards and policies to relevant internal stakeholders and external partners.
- Oversee the management of threat and vulnerability services.
- Coordinate with the SOC around the handling of security incidents.
- Monitor threat information channels and take actions as needed.
- Develop and operate an enterprise-wide information risk management program.
- Create and maintain templates, processes and procedures required to operate an effective information risk
- management program.
- Assist with identification and definition of mission-critical information assets based on a sound understanding of company’s value chains.
- Provide guidance on security standards to internal and external parties that are delivering new systems or changing existing ones.
- Work with team members to ensure effective delivery of business-focused information security services.
- Maintain situational awareness of regulatory and cyber threat landscapes with a view to proactively limiting the likelihood of adverse cyber-related events occurring.
- Collaborate with fellow professionals to plan and execute information security risk remediation activities • Assist in conducting penetration testing and red teaming.
- Own the collection and analysis of security event data to deliver KRIs and KPIs that clearly communicate the maturity and effectiveness levels of implemented security controls.
- At least 2 years of people management is required.
- Minimum of 8 years’ experience in at least two core domains of information security is required.
- Bachelor’s degree in computer science, information systems, engineering or a related field is desirable.
- Post-graduate degree OR equivalent combination of education and years of related experience is desirable.
- Candidate must have at least one of the following certifications: CISSP, CCSP, CISM, or GIAC.
- Experience developing and running enterprise-wide initiatives such as incident response, threat and vulnerability management, and information risks assessments, tracking and remediation is essential.
- Strong understanding of cloud security and experience leading digital transformation initiatives from an information security standpoint is desirable
- Excellent verbal and written communications skills is required • Must have extensive experience identifying and communicating security weaknesses in legacy deployments
This position comes with competitive salary, bonus (paid twice a year), restricted stock units, unlimited PTOs, and lots of other benefits
Share Job Listing