Description
Information Security Manager: SIEM, Vulnerability, Risk, Audit
My client, a world renowned global organisation is seeking a Security Manager to lead a project team within the internal information security function. The successful candidate will have very strong technical security knowledge, hands on experience with security products, such as; SIEM, vulnerability scanning and management as well as a strong background in security hardening of different platforms.
Main responsibilities;
* Champions international standards and recommendations for security measures
* Background includes senior "hands on" experience and above average skills in either software development, networking, system engineering or system administration (eg Operating system administration, Database administration, Host administration, SAP administration)
* Authors the following document types and ensures content wise alignment with the involved project stakeholders:
- Security requirements
- Information Security Risk Assessments
- Action plans/Implementation checks
- Audit reports
* Coordinates penetration tests and code reviews where applicable.
* Contributes to functional/design specifications, Installation documents, process descriptions where applicable
* Ensures that internal Information Security policies are applied to.
* Responsible to continuously consult project team members on security matters and to raise security awareness
* Responsible to perform peer reviews of security relevant documents and onboarding of new peer staff where requested by designated manager
* Responsible to report own achievements and activities including hours spent to designated manager
* In addition responsible to report project risks and issues including possible resource constraints to designated manager and project team
* Strong stakeholder assessment, interaction and communication skills and understanding of user implications respectively business needs
Specific technical knowledge and experience:
* Specific technical skills and "hands on" experience in security products as SIEM, Vulnerability scanning and management, IPS/IDS etc.
* Specific technical skills and "hands on" experience in security hardening of different platforms including networking, operating systems, databases, applications, web-based applications, Middleware etc.
* Specific technical knowledge and "hands on" experience in security aspects of mobile platforms and solutions, cloud based solutions etc.
* Creativity in presenting alternatives to remediate information risks with time and budget constraints