Job description
**Job Requirements: Information Security Manager**
**Responsibilities:**
1. **Information Security Management:** Lead and oversee all aspects of information security within the organization.
2. **Information Risk Management:** Assess and manage information security risks effectively.
3. **CISO Security Solutions & Services:** Manage and implement security solutions and services.
4. **Governance, Policies & Awareness:** Develop and enforce security policies and create awareness around information security and data protection.
5. **Project Management:** Coordinate and manage information security projects and initiatives.
6. **Reporting:** Provide comprehensive reports on CISO domains and security findings.
7. **IT Compliance:** Ensure compliance with relevant IT regulations and standards.
8. **Continuous Learning:** Keep up-to-date with the latest developments in information security.
**Possible Consequences of Errors:**
- **Policy Delays:** Delayed or inadequate security policies, procedures, and guidelines.
- **Risk Issues:** Late identification and treatment of information security risks.
- **Awareness Gap:** Lack of awareness among employees regarding security and privacy risks.
- **Project Delivery:** Project delivery not aligning with the established plan.
- **Reporting Delays:** Delayed or incomplete reporting to senior management.
- **System Infections:** Potential system infections with significant operational consequences.
- **Legal Compliance:** Risk of non-compliance with applicable laws and regulations.
**Knowledge and Experience:**
- **Education:** Master's degree or equivalent through experience.
- **Experience:** 15-20 years of relevant work experience.
- **Induction:** Several months of onboarding and familiarization.
- **Standards:** Proficiency in ISO27001, ISO27002, ISO 27005, ISO 31000 standards.
- **Expertise:** Deep knowledge of IT Risk Management, Information Security & Compliance.
- **Security Architecture:** Strong understanding of security architecture and controls.
- **IT Proficiency:** Knowledge of IT processes and technology.
- **Certifications:** CISSP, CISM, CGRC, or CISA certifications preferred.
- **Program Management:** Familiarity with program management principles.
**Responsibilities:**
1. **Information Security Management:** Lead and oversee all aspects of information security within the organization.
2. **Information Risk Management:** Assess and manage information security risks effectively.
3. **CISO Security Solutions & Services:** Manage and implement security solutions and services.
4. **Governance, Policies & Awareness:** Develop and enforce security policies and create awareness around information security and data protection.
5. **Project Management:** Coordinate and manage information security projects and initiatives.
6. **Reporting:** Provide comprehensive reports on CISO domains and security findings.
7. **IT Compliance:** Ensure compliance with relevant IT regulations and standards.
8. **Continuous Learning:** Keep up-to-date with the latest developments in information security.
**Possible Consequences of Errors:**
- **Policy Delays:** Delayed or inadequate security policies, procedures, and guidelines.
- **Risk Issues:** Late identification and treatment of information security risks.
- **Awareness Gap:** Lack of awareness among employees regarding security and privacy risks.
- **Project Delivery:** Project delivery not aligning with the established plan.
- **Reporting Delays:** Delayed or incomplete reporting to senior management.
- **System Infections:** Potential system infections with significant operational consequences.
- **Legal Compliance:** Risk of non-compliance with applicable laws and regulations.
**Knowledge and Experience:**
- **Education:** Master's degree or equivalent through experience.
- **Experience:** 15-20 years of relevant work experience.
- **Induction:** Several months of onboarding and familiarization.
- **Standards:** Proficiency in ISO27001, ISO27002, ISO 27005, ISO 31000 standards.
- **Expertise:** Deep knowledge of IT Risk Management, Information Security & Compliance.
- **Security Architecture:** Strong understanding of security architecture and controls.
- **IT Proficiency:** Knowledge of IT processes and technology.
- **Certifications:** CISSP, CISM, CGRC, or CISA certifications preferred.
- **Program Management:** Familiarity with program management principles.
