IT Security Manager
Requirements:
-Work with IT Director to define IT security frameworks for implementation.
-Manage the overall risk matrix by coordinating the information security management systems and controls.
-Manage the oversight of risk assessments including but not limited to vulnerability scanning, penetration testing, new infrastructure/applications, and third party service provider reviews.
-Coordinate information security and risk management projects.
-Maintain an up-to-date understanding of industry best practices, and monitor the legal and regulatory environment for developments that could require changes to established policies, standards and practices.
-Work directly with leadership and staff within IT and other business departments to facilitate risk analysis and risk management processes, identify acceptable levels of residual risk, and establish roles and responsibilities related to information classification and protection.
-Follow up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, internal and external audits to ensure that appropriate remediation measures have been taken.
-Work within group-wide information security programs and information security projects that address identified risks and business security requirements.
-Monitor and report on compliance with the information security policies, as well as the enforcement of policies within the IT department.
-Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance.
-Assist resource owners and IT staff in understanding and responding to security audit findings reported by internal and external auditors.
-Provide security communication, awareness and training for audiences of internal and external staff in the business units.
-Work as a liaison with IT, legal, and procurement areas to establish mutually acceptable contracts and service-level agreements, which cover information security and disaster recovery.
-Serve as an active and consistent participant in the information security governance process.
-Provide support and guidance for legal and regulatory compliance efforts, including leading client information security assessments and audits.
Qualifications:
-Bachelor's degree or equivalent experience in computer science and/or a related discipline;
-4+ years of strong technical background in an enterprise environment;
-Previous management experience desirable along with project management skills;
-Desired experience with multiple information technologies;
-Experience building and maintaining the enterprise information security layer from the ground up;
Skills & Abilities:
-Demonstrated self-motivation, analytical, problem solving skills and initiative to achieve desired outcomes;
-Ability to manage time, balance multiple tasks and constantly work with changing priorities;
-Good objective Quality Control: won't accept half-baked work;
-Upper-intermediate level of English.