Our client is looking for an Associate Manager (Information Security) to join their IT Service Team. This is a one-person role where you will be responsible for all security-related issues within the organization.
Responsibilities:
- Security Oversight: Act as the primary point of contact for all information security matters, managing and addressing security-related problems as they arise.
- Policy Review: Conduct regular reviews and updates of security policies to ensure compliance with industry standards and best practices.
- Vulnerability Management: Oversee and monitor vulnerability scanning and penetration testing conducted by third-party vendors, ensuring timely identification and remediation of security weaknesses.
- Security Awareness: Host regular internal seminars and training sessions to raise security awareness among employees, fostering a culture of security mindfulness throughout the organization.
- Incident Response: Develop and implement incident response plans to effectively manage and mitigate security breaches or threats.
- Risk Assessment: Conduct risk assessments to identify potential security risks and recommend appropriate mitigation strategies.
- Documentation: Maintain comprehensive documentation of security policies, procedures, and incident reports for compliance and audit purposes.
- Collaboration: Work closely with IT and other departments to ensure security practices are integrated into all aspects of the organization’s operations.
Requirements:
- Educational Background: Bachelor’s degree in Information Security, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH) are preferred.
- Experience: 3+ years of experience in information security, with a focus on policy development, vulnerability management, and security awareness training.
- Technical Knowledge: Strong understanding of information security frameworks, vulnerability assessment tools, and incident response protocols.
- Analytical Skills: Excellent analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.
- Communication Skills: Strong verbal and written communication skills, with the ability to convey technical concepts to non-technical audiences.
- Proactive Attitude: A self-starter with a proactive approach to identifying and addressing security challenges.
- Team Player: Ability to work independently and collaboratively within the IT Service Team and across the organization.