Title

Information Security Manager

Description

We are looking for an experienced and dedicated Information Security Manager to join our team. In this position, you will be responsible for implementing and managing the overall information security program to protect the organization from IT risks. You will be tasked with identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements. You will also be responsible for establishing and implementing a risk management program, and working with stakeholders throughout the organization on identifying acceptable levels of residual risk. You will be expected to create a culture of information security within the organization through policy and training processes, and to manage the network of people, processes, systems and other elements that will be needed to reduce the impact of a security breach.

Responsibilities

  • Develop and implement a strategic, long-term information security program
  • Identify and manage information security risks
  • Establish and manage the information security awareness program
  • Coordinate information security projects with personnel from the IT department and business units
  • Manage the information security incident response plan and coordinate the response to all information security incidents
  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
  • Work directly with the business units to facilitate risk assessment and risk management processes
  • Develop and enhance an information security management framework
  • Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
  • Provide leadership to the enterprise's information security organization

Requirements

  • Bachelor's degree in Information Security, Computer Science, or a related field
  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification
  • Minimum of 5 years of experience in a combination of risk management, information security and IT jobs
  • Knowledge of common information security management frameworks
  • Excellent written and verbal communication skills
  • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals
  • High level of personal integrity, and the ability to professionally handle confidential matters
  • Knowledge of technological trends and developments in the area of information security and risk management
  • Knowledge of laws, regulations, standards and best practices related to information security and risk management
  • Strong leadership skills and the ability to work effectively with business managers, IT engineering and IT operations staff

Potential interview questions

  • What is your experience with developing and implementing an information security program?
  • How do you handle information security incidents?
  • Can you describe a time when you had to handle a significant information security risk?
  • What is your approach to risk management in the context of information security?
  • How do you stay updated on the latest information security threats and solutions?