POSITION SUMMARY:

The Senior Manager, Data Risk Operations & Projects is responsible for assisting in planning; implementing and monitoring of security strategies, measures and controls to ensure information assets and technologies are adequately protected and lead a team of staff in identifying, developing, implementing and maintaining security technologies, controls and process to reduce the Information technology risks.

PRIMARY RESPONSIBILITIES:

• Assist in strategic information security planning based on industry-standard best practices to achieve business goals by prioritizing defence initiatives and coordinating the evaluation, deployment, and management of current and future information security technologies
• Remain informed on trends and issues in the information security industry
• Evaluate, plan, and implement new cybersecurity technologies and systems
• Define policies for the administration of all cybersecurity systems and auditing processes
• Manage and perform information security incident response and investigation activities
• Support internal and external auditors, and perform technical security assessment/ audits in compliance to policy, regulation and governance
• Design and implementation of disaster recovery and business continuity plans, procedures, audits, and enhancements
• Manages and oversees large scale or critical security infrastructure projects and other expansion projects to ensure adequate security technologies are deployed to protect Network and systems
• Responsible for cloud system administration and security
• Performs tasks and/or fulfil responsibilities that may be assigned by management and/or immediate superior as the business operations required.

QUALIFICATIONS:

Experience

• 10+ years relevant experience in information security
• Requires in depth experience and knowledge of enterprise IT security and technologies
• Hands on experience with security tools, such as, Web Security Solutions, Identity & Access
• Management system, SIEM Solutions, Privileged ID Management System, Multi factor authentication
• system, APT prevention solutions, Antivirus, NextGen Firewall, and WAF systems
• 5+ years’ experience of management or administration in least 6 of the following disciplines:
• Network Security and firewalls (CCSP/CCIE – Security)
• Relational Database Security
• Remote Access/VPN solutions
• Information Security Auditing
• Intrusion Detection and Response
• Messaging Security
• Security policy and procedure development
• Windows and Active Directory security
• Access management processes
• Security benchmarking requirements (CIS)
• Security compliance for Regulatory requirements (NERC/SOX/HIPPA/FISMA)
• Web and application based security
• Encryption (KPI/Kerberos/SSL)
• Experience in conducting vulnerability / compliance scanning / penetration test
• Experience with multiple operating system security: Windows, MacOS, Unix, and Linux.
• A solid understanding of network design, architecture, OSI model and TCP/IP
• Experience with interpreting requirements and implementing policies
• Experience with incident handling and threat intelligence in a large enterprise
• Exposure to Cloud computing
• Knowledge of industry standard scoring models such as CVSS, CCSS
• Knowledge of vulnerability attack methods
• Security Strategic Planning and Risk Management
• Knowledge of Web and application based security

Education

• A bachelor degree in Computer Science and an information security or other similar technical certification such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is highly desirable

Skills / Competencies

• Proven excellence in researching, organizing, writing, and presenting technical information
• Capacity to work independently and in a team environment, with proven leadership ability and project management skills
• Must have excellent analytical skills, the ability to multi-task and have solid project management
• skills.
• Ability to understand the relationship between business processes, priorities, risk and their underlying technologies and security risks
• Ability to keep pace with a fast pace and growing company
• Achieves agreed objectives and accepts accountability for results
• Displays the highest level of integrity
• Ability to maintain discretion