The Security Manager is responsible for assessing and documenting the organization's compliance and risk posture as they relate to its information assets. The Security Manager will maintain expertise in cyber-security intelligence to ensure effective system-wide security analysis, intrusion detection, standards and testing, risk assessment, awareness and education, and development of policies, standards and guidelines.
The responsibilities
- Assist in the development and implementation of system-wide risk management functions of the information security program to ensure information security risks are identified and monitored.
- Internally assess, evaluate and make recommendations to management regarding the adequacy of security controls for the information and technology systems.
- Assist in developing and maintaining Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for the Data Governance Security Program and initiatives.
- Support the system-wide information security compliance program, ensuring IT activities, processes and procedures meet and support the defined policies, procedures and processes.
- Develop and implement effective and reasonable policies and practices to secure protected and secure data and ensure information security and compliance with relevant legal and regulatory interpretation.
- Implement strategies and project plans for dealing with audits, compliance checks, external assessment processes for internal and external auditors related to information security programs.
- Provide guidance, evaluation and input on responses to audits impacting information security programs.
- Conduct Information Security due diligence on 3rd party vendors to ensure adherence to organizational, regulatory or legal standards.
- Develop routine reports in accordance with GRC metrics.
- Works with the CISO (to be a CISO) to determine the acceptable level of risk for enterprise computing platforms.
- Liaise with key functional teams such as HR, IT, Marketing, Finance, Product Management, Development, General Counsel and Business to identify new applications and service providers in use and the associated security controls to secure the data.
- Investigates incidents and events that include potential HIPAA and other data breaches, data leakage, brand reputational risks, malware propagation, system compromises etc.
- Assist in the management and maintenance of the enterprise-wide IS Security Awareness Program, which includes phishing simulations, computer-based training, proactive communications on latest threats, workshops and newsletters.
- Work with the CISO to ensure the Information Security team stays abreast of new regulatory, legal and/or compliance data security requirements.
- Ensure compliance with HIPAA and applicable regulatory and legal requirements.
- Other security-related projects that may be assigned according to skills and organizational priorities.
- You have at least 5 years experience in building an Information Security Risk Management program.
- Bachelor's Degree in Computer Engineering, Computer Science, or Information Systems Management preferred or equivalent work experience in the field of Cybersecurity.
- Information Security experience in IT, healthcare, banking or government programs.
- Information security related training or certifications.
- Understanding and familiarity with information and cyber-security frameworks (ISO, NIST, HiTrust, COBIT, etc.)
- Experience in ISO 27001 certification.
- Experience implementing an Information Security Risk Management Program, including an IS risk register which includes identifying threats and risks to the organization.
- Experience performing Third Party Risk Assessments for new and existing vendor tools, on premise implementations, and third parties with access to the environment.
- Experience in responding to, analyzing and communicating information security incidents.
- Strong documentation and communication skills.
Enjoy while working with us
- Rewarding Salary + Bonuses
- Personal Growth Roadmap, ongoing Performance Review and Mentoring Program
- Certification Programs
- English Training Program
- Medical Insurance
- Unlimited Annual Leave
- Birthday Leave
- Remote Work Opportunities
- Corporate Events
Dare to be different!