ASSOCIATE MANAGER, INFORMATION SECURITY

Responsibilities:

• Security Oversight: Act as the primary point of contact for all information security matters, managing and addressing security-related problems as they arise.
• Policy Review: Conduct regular reviews and updates of security policies to ensure compliance with industry standards and best practices.
• Vulnerability Management: Oversee and monitor vulnerability scanning and penetration testing conducted by third-party vendors, ensuring timely identification and remediation of security weaknesses.
• Security Awareness: Host regular internal seminars and training sessions to raise security awareness among employees, fostering a culture of security mindfulness throughout the organization.
• Incident Response: Develop and implement incident response plans to effectively manage and mitigate security breaches or threats.
• Risk Assessment: Conduct risk assessments to identify potential security risks and recommend appropriate mitigation strategies.
• Documentation: Maintain comprehensive documentation of security policies, procedures, and incident reports for compliance and audit purposes.
• Collaboration: Work closely with IT and other departments to ensure security practices are integrated into all aspects of the organization's operations.

Requirements:

• Educational Background: Bachelor's degree in Information Security, Computer Science, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH) are preferred.
• Experience: 3+ years of experience in information security, with a focus on policy development, vulnerability management, and security awareness training.
• Technical Knowledge: Strong understanding of information security frameworks, vulnerability assessment tools, and incident response protocols.
• Analytical Skills: Excellent analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.
• Communication Skills: Strong verbal and written communication skills, with the ability to convey technical concepts to non-technical audiences.
• Proactive Attitude: A self-starter with a proactive approach to identifying and addressing security challenges.
• Team Player: Ability to work independently and collaboratively within the IT Service Team and across the organization.