Information Security Manager
28 марта, 2018
Develop and maintain short- and long-term corporate security plans / projects aligned with business objectives.
Establish and maintain strong relationships with both senior and operating level business leaders to ensure alignment to customer and business needs while prioritizing key initiatives.
Plan, coordinate corporate security department activities.
Actively manage objectives, identify potential gaps, and develop improvement plans.
Effectively inform stakeholders about the status of the information security posture.
Coordinate the development and review of information security policies, standards and procedures.
Acquire a complete understanding of a company's technology and information systems.
Keep abreast of new technology and recommendations for the company.
Plan, research and design robust network and system security architecture.
Enforce systems development, deployment and operation according to security policies.
Responsible for risk, identity, incident management; compliance and audits, security architecture, secure software development life cycle, security operations center etc.
Anticipate new security threats and stay-up-to-date with evolving infrastructures.
Develop strategies to handle security incidents and coordinate investigative activities.
Prepare financial forecasts for security operations.
Prioritize and allocate security resources correctly and efficiently.
Provide leadership, training and technical advice to corporate security team. Identify and address training and career development needs.
Responsible for department and individual performance assessments and improvement plans.
Serve as the compliance officer with respect to information security policies and regulations. Prepare and submit required reports to external agencies.
Serve as the contact point for information security, privacy and copyright infringement incidents, including relationships with law enforcement entities.
Serve as the company contact point for external auditors and agencies, survey requests, etc. on security / privacy matters.
Serve as the lead information security technical liaison between customer staffs and other supporting entities.
Coordinate the development and delivery of an education and training program on information security and privacy matters for stakeholders.
Review, approve and recommend changes to the existing and proposed systems, as needed, to address gaps in the existing security posture.
Review firewall, switch, router, server, workstation and virtual environment configurations.
Work with stakeholders to produce / maintain comprehensive documentation on network architecture, deployed systems and applications.