Our client, a leading properties group, is seeking a highly skilled and experienced Information Security and Risk Senior Manager. As the Senior Manager, you will be responsible for establishing and maintaining robust information security measures and risk mitigation strategies to protect our organization's sensitive data and critical assets. Your role will involve developing and ensuring compliance with security policies, procedures, and best practices, as well as coordinating risk assessments and implementing effective risk management frameworks. You will collaborate closely with cross-functional teams to drive security initiatives and provide guidance on information security matters.
Â
Responsibilities:
Develop and maintain an enterprise-wide information security strategy, aligned with industry best practices and regulatory requirements.
Establish and enforce information security policies, procedures, guidelines, and standards to maintain the confidentiality, integrity, and availability of data and systems.
Conduct risk assessments to identify existing and potential security vulnerabilities, and develop effective risk mitigation plans.
Oversee the implementation of security controls and technologies to protect against unauthorized access, data breaches, and other security incidents.
Collaborate with various stakeholders, such as IT, Legal, Compliance, and Business Units, to ensure timely response to security incidents, and to ensure that security requirements are incorporated into business processes and solutions.
Monitor and analyze security events, conduct investigations, and coordinate incident response activities to minimize the impact of security incidents.
Keep abreast of emerging security threats, vulnerabilities, and technologies, and provide recommendations to enhance the organization's overall security posture.
Conduct regular security awareness training and education programs for employees, to promote a culture of security awareness and compliance.
Coordinate with external auditors and regulatory bodies to address security and compliance requirements, and assist in audits and assessments.
Manage relationships with external vendors and partners, regarding security-related products, services, and contracts.
Â
Requirements:
Bachelor's degree in Computer Science, Information Security, or a related field. Advanced certifications such as CISSP, CISM, or CRISC are highly desirable.
Minimum of 10 years of experience in information security, risk management, or a related field, with at least 3 years in a managerial role.
In-depth knowledge of information security principles, frameworks, technologies, and best practices.
Strong understanding of relevant regulations and standards, such as GDPR, ISO 27001, and NIST.
Proven experience in conducting risk assessments, developing risk mitigation strategies, and implementing risk management frameworks.
Excellent leadership, communication, and interpersonal skills, with the ability to effectively collaborate with cross-functional teams and senior management.
Strong analytical and problem-solving abilities, with the capability to think strategically and apply sound judgment in complex situations.
Experience in managing security incidents, conducting investigations, and coordinating incident response activities.
Knowledge of cloud security, network security, application security, and secure software development practices is preferred.
Demonstrated ability to manage multiple projects and priorities, and deliver results within deadlines.