REQ11657 Manager, Country Information Security (Open)

POSITION SUMMARY:

The Manager, Country Information Security is responsible for the implementation, operation and overall management of Information Security. This includes the development and implementation of comprehensive information security control, user education and training, compliance and enforcement, incident response and investigation, risk assessment, and contribution to disaster recovery planning.

PRIMARY RESPONSIBILITIES:

Assist in strategic information security planning based on industry-standard best practices to achieve business goals by prioritizing defence initiatives and coordinating the evaluation, deployment, and management of current and future information security technologiesRemain informed on trends and issues in the information security industryDevelop and maintain an information security awareness programDefine policies for the administration of all computer security systems and auditing processesManage and perform information security incident response and investigation activitiesSupport internal and external auditors, and perform audits in compliance to policy, regulation and governanceDesign and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancementsManages or oversees large scale or critical security infrastructure projectsAdminister IT security tools, such as DLP, Web Security Gateway, MDM, VPN,
Vulnerability Management, SIEM, IPS, APT, PIM/PAM, MFA etc.Conduct and manage security assessments and drive security into all the technology developmentsPerforms tasks and/or fulfil responsibilities that may be assigned by management and/or immediate superior as the business operations required.

Experience

9+ years of relevant experience in information securityRequires in depth experience and knowledge of enterprise IT concerns and technologiesExperience in managing a compliance and/or security organization, including planning and

executing security policies and standards development

Understanding of Current data protection directive of EUExperience in implementing Information Security standards such as ISO 27001 and NISTSeven years in information security preferred to include management or administration in least 6 of the following disciplines:Network Security and firewalls (CCSP/CCIE – Security)Relational Database SecurityRemote Access/VPN solutionsInformation Security AuditingIntrusion Detection and ResponseAnti-virus systemsMessaging SecuritySecurity policy and procedure developmentWindows and Active Directory securityIdentity & Access management processesSecurity benchmarking requirements (CIS)Security compliance for Regulatory requirements (ISO 27001/PCI/NERC/SOX/HIPPA/FISMA)Security Strategic Planning and Risk ManagementWeb and application based securityEncryption (KPI/Kerberos/SSL)Experience with security technologies, such as threat management, network security, access control, cryptography, data base security, vulnerability scanning etc.Experience with multiple operating systems Security: Windows, MacOS, Unix, and Linux.A solid understanding of network design, architecture, OSI model and TCP/IPExposure to Cloud computing and securityExperience in Security Strategic Planning and Risk Management

Education

A bachelor’s degree in computer science and an information security or other similar technical 
certification such as Certified Information Systems Security Professional (CISSP) or Certified 
Information Security Manager (CISM) is highly desirable

Skills / Competencies

Proven excellence in researching, organizing, writing, and presenting technical informationCapacity to work independently and in a team environment, with proven leadership ability and project management skillsMust have excellent analytical skills, have the ability to multi-task and solid project management skills.Ability to understand the relationship between business processes, priorities, risk and their underlying technologies and security risksAbility to keep pace with a fast pace and growing companyAchieves agreed objectives and accepts accountability for resultsDisplays the highest level of integrityAbility to maintain discretion

PERSONAL COMPETENCIES:

Displays a high commitment to delivering resultsLeads others to achieve business objectivesCommunicates effectivelyAchieves agreed objectives and accepts accountability for resultsDisplays the highest level of integrityAbility to maintain discretionSelf-motivatedApproachable