Info Sec Manager
Purpose:
Safeguard the technology infrastructure and any privileged or proprietary information that the business possesses; to provide guidance and management for all of the information security needs.
Main duites:
- Work with the IT senior management to develop security programs and projects that address identified risks and business security requirements
- Manage the process of gathering, analysing and assessing the current and future threat landscape. Provide realistic overviews of risks and threats in the enterprise environment
- Monitor and report on compliance with security policies across the organisation. Propose changes to existing policies and procedures to ensure operating efficiency and regulatory compliance
- Provide security communication, awareness and training for audiences, which may range from senior leaders to field staff
- Assist resource owners and IT staff in understanding and responding to security audit failures.
Qualifications:
CISSP certification essential
Desirable experience:
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
- A strong understanding of the business impact of security tools, technologies and policies
- Familiarity with applicable legal and regulatory requirements
- Familiarity with the principles of cryptography and cryptanalysis
- An understanding of operating system internals and network protocols
- Experience with common information security management frameworks, such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks