about the company
A financial services company that has been taking their industry by storm since they stepped foot in it!
about the job
Take charge of the IT Security Team to implement and monitor security measures to to ensure that all IT related security components are implemented in accordance with the group compliance.
about the team | manager
You’ll be reporting to the group Chief Technology Officer that has displayed significant mastery in both technical knowledge and people management skills.
skills and experience required
- Along with the team in charge of managing patches and vulnerabilities, take the lead and participate. To monitor, analyse, and respond to daily system alerts and logs from various internal and external sources; to conduct correlation and forensic analysis; to flag suspicious events; to identify abnormalities; and to report violations; to resolve internal and external escalation within agreed SLA; to provide technical supports; to direct the Security Incident Response Team; to develop countermeasures and recovery strategies for security breaches.
- By working with the appropriate party to establish a short- and long-term IT security strategy that is in line with company, IT and/or Global Information Security Group strategic, goals, direction, and financial considerations, you can lead and conduct regular self-assessments to evaluate your company's IT security maturity levels, analyse security threat landscape, and determine future requirements. Responsible for managing IT security-related systems, devices, and projects, minimising IT security risks exposure, and enforcing IT security-related control, compliance, and governance within the organisation.
- Serving as the company's in-house technical and security subject matter expert to evaluate, counsel, and discuss with relevant business system owners and users, the IT team, vendors, and/or regional teams to ensure IT Security related control requirements on the new or enhanced system are well-designed and implemented in accordance with global standards
- Standards/baselines from the Information Security Group, regional laws, and recommended procedures.
- Organize special requests. Work with the vendor to coordinate penetration testing and source code scanning for new and/or significantly improved systems and projects, and make sure any issues or holes are fixed before the systems or projects go live.
- Oversees, facilitates, and engages with internal and external audit engagements. based on agreed-upon recommendations and related risks pertaining to the Global Information Security Group and/or any other local regulatory need, facilitates remediation. Periodical tracking and follow-up with relevant parties to ensure Audit and compliance holes are addressed and rectified according to the committed timetable.
- IT security awareness and training are established and maintained. Examine and confirm that the policies, practises, and guidelines linked to IT security are current. Stay up with industry standards, frameworks, and technologies, and suggest improvements where they are called for. Take the initiative to organise and perform monthly, quarterly reporting and meetings with management and/or the regional CISO that are linked to IT security.
- CISSP, CISA, or CISM in Information Security will be advantageous, as will a degree in computer science or information security, or an equivalent qualification.
- Minimum of two years of management or leadership experience.
- Minimum of 10 years of relevant professional experience with a track record of success, with a focus on IT processes, general control, and security technologies.
- Minimum of 10 years of practical technical experience/knowledge in setting up, implementing, and maintaining IT solutions linked to information security.
- Endpoint protection software, network security monitoring, network access control, L2/L3 firewalls, routing, switching, IDS/IPS, proxy, WAF, VLAN, VPN technology, threat protection, PAM, IAM, SIEM, APT, forensic techniques, content filtering, patch & vulnerability management, encryption technology, DLP, MDM, DNS, HTTP, SSL, SSH, LDAP, IPSEC, etc. are examples of security-related solutions/systems.
- Minimum of ten years' experience and knowledge in the related fields of security threat analysis, IT security risk assessment, vulnerability assessment, security formulation, incident management, secure software development lifecycle, penetration testing, source code review, BCP knowledge, establishing IT security related policy/procedure, and leading the response to audit & compliance assessments.
- Outstanding analytical and problem-solving abilities, results orientation, self-motivation, good interpersonal skills, flexibility, and independence.
- Outstanding management, writing, presentation, and communications skills.
- Ability to work on own initiative with minimal supervision, excellent time management, priorities and organisational skills to work on multi-tasks with high sense \sof urgency and tight deadlines in fast paced environment.
- Must be able to handle & provide after-office hours on urgent incident escalation/support request.
how to apply
If you are ready to take the next leap in your career, use the 'apply' function. You may reach out to our Cybersecurity Recruitment Consultant: Prassath Jay | firstname.lastname@example.org | LinkedIn | for a confidential chat.
For more Cybersecurity jobs, visit the Randstad Website and drop your profile.