IT Security Manager

Дата:30 Мая
Работодатель:Abona Deutschland GmbH
Квалификация:• A minimum of six years of IT experience, with five years in an information security role and at least one year in a supervisory capacity

• A bachelor's degree in information systems or equivalent work experience

• Experience with common information security management frameworks, such as ISO 2700x, ITIL, COBIT, NIST frameworks

• Experience developing and maintaining policies, procedures, standards and guidelines

• A strong understanding of the business impact of security tools, technologies and policies.

• Experience in system technology security testing (vulnerability scanning and penetration testing)

• Familiarity with the principles of cryptography and cryptanalysis

• An understanding of operating system internals and network protocols

• A strong understanding of the business impact of security tools, technologies and policies

• Experience working with legal, audit and compliance staff

• Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision.

• Excellent communication skills and technical English (Intermediate+)

• Certification such as CISM, CISSP, CISA, CEH would be a plus

Задачи:• Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program

• Develop, maintain and publish up-to-date information security policies, standards and guidelines

• Support information security governance through the implementation of an information security steering committee/advisory board

• Develop and manage information security budgets and monitor them for variances

• Create and manage information security awareness training programs

• Manage security issues and incidents, and participate in problem and change management forums

• Ensure that security programs comply with relevant laws, regulations and policies

• Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts

• Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk

• Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program.