Information Security Manager

Position Overview : We are seeking an experienced and highly skilled Information Security Manager to join our growing team. This role will be responsible for overseeing and implementing the organization's information security program, ensuring the protection of corporate assets, and managing security incidents. The ideal candidate will have 5 years of hands-on experience in information security, risk management, compliance, and IT infrastructure security.

Key Responsibilities : Security Program Management :

• Lead the development, implementation, and management of the organization's Information Security Program.
• Continuously assess and improve the security posture, ensuring compliance with industry standards and regulatory requirements.
• Design and enforce policies, procedures, and controls to safeguard the organization's IT infrastructure, data, and systems.

Risk Management & Threat Mitigation :

• Conduct regular risk assessments and threat analysis to identify vulnerabilities in systems, networks, and applications.
• Manage the identification, remediation, and reporting of security risks.
• Develop strategies to mitigate security threats, ensuring business continuity and minimal disruption.

Incident Response & Security Operations :

• Oversee the security operations center (SOC) to monitor, detect, and respond to security incidents.
• Lead incident response efforts in the event of a security breach or data loss.
• Ensure timely reporting of security incidents, conducting thorough post-incident reviews, and implementing improvements.

Compliance & Governance :

• Ensure the organization is in compliance with industry standards, regulations (e., GDPR, HIPAA, NIST, ISO 27001), and best practices.
• Coordinate internal and external audits to ensure adherence to security controls and policies.
• Keep the organization up to date with evolving compliance requirements and security frameworks.

Team Leadership & Development :

• Manage a team of security professionals, providing mentorship and guidance to ensure effective performance and career development.
• Collaborate with cross-functional teams to integrate security into all aspects of the business.

Vendor & Third-Party Risk Management :

• Manage and evaluate the security of third-party vendors and contractors to ensure they meet the organization's security requirements.
• Work with legal and procurement teams to review third-party contracts for security implications.

Required Qualifications : Education : Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. Advanced certifications (e. , CISSP, CISM, CISA, or equivalent) are a plus. Experience : A minimum of 5 years of experience in information security or IT security management, with a proven track record in risk management, incident response, and compliance. Technical Skills :

• Strong knowledge of security frameworks (e., NIST, ISO 27001, CIS).
• Hands-on experience with firewalls, IDS/IPS, VPNs, encryption, endpoint protection, and other security technologies.
• Experience with cloud security platforms (AWS, Azure, Google Cloud, etc.)
• Knowledge of IT infrastructure, networking protocols, and secure software development practices.

Soft Skills :

• Strong leadership and communication skills.
• Ability to effectively collaborate with senior management and various departments.
• Excellent problem-solving abilities and attention to detail.

Preferred Qualifications :

• Master's degree in Cybersecurity or Information Security.
• Hands-on experience with security incident management and forensic tools.
• Experience in data privacy regulations and audits.
• Experience with security automation tools.

Additional Information :

• Strong analytical skills with the ability to assess complex security issues.
• Ability to manage multiple projects, deadlines, and priorities in a fast-paced environment.
• Certification in cloud security (e., AWS Certified Security Specialty) is a plus.

)