fbpx

Information Security Lead

Primary job role 

The Information Security Lead will be responsible for implementing network and information security policies across the organization. The role holder will also assess IT- and network-related threats within and outside the organization and enforce necessary corrective actions and preventive measures. 

Main duties/responsibilities 

  • Perform operational establishment and preventive maintenance of backups, recovery procedures, and enforce security and integrity controls 
  • Facilitate proof of concept (POC) and other business-related information security and compliance testing for applications and systems 
  • Manage and maintain the firewalls and firewall clusters across geographies 
  • Set up and deploy new firewall infrastructure, manage firewall capacity, and optimize firewall rules 
  • Provide technical support on all internal/perimeter security aspects of firewall operations (e.g., VPNs, IDS/IPS, DLP, Web Filtering, Radius) and escalate security issues to vendors 
  • Ensure disk- and file-level service and system encryption execution through support teams 
  • Work with business units to ensure data is classified correctly and implement gateway and endpoint DLP frameworks and continuous monitoring mechanisms 
  • Assess, test, and select new security products and technologies, prepare cost estimates, and identify integration issues 
  • Provide 24×7 on-call support and execute maintenance activities for both planned and unplanned activities to minimize disruption to the business 
  • Test information security systems, firewalls, and upgrades, and debug, track, reproduce, log, and resolve all identified problems, according to approved quality testing scripts, procedures, and processes 
  • Troubleshoot and provide service support in diagnosing, resolving, and fixing system, application, infrastructure, hardware, and software malfunctions 
  • Establish and oversee formal risk analysis and self-assessment program for various information services systems and processes 
  • Identify, investigate, and resolve security breaches through forensic analysis. Conduct physical examinations of property to ensure compliance with security policies and regulations 
  • Conduct training programs to improve the security awareness of business users to minimize breaches and carry out security drills to identify the effectiveness of the awareness sessions and take corrective actions to fix the identified gaps 
  • Coordinate with other teams to define security best practices and conduct regular audits to identify if they are adhering to the same 
  • Be up to date with new threats and attacks and take actions to mitigate them 
  • Collaborate with security consultants, organizations, vendors, suppliers, service providers, and external resources to analyze, recommend, install, and maintain infrastructure, systems, and software security applications 
  • Work with cross-functional teams to evaluate risks and recommend remediation solutions for identified vulnerabilities, and track remediation 
  • Develop knowledge, stay updated on Security monitoring tools and processes, and design and maintain technical security controls 
  • Implement, maintain and administer information security documentation, guidelines, policies and procedures, instructions, recording and detailing operational procedures and system logs 

Experience 

  • 5 to 6 years of relevant experience in the design and maintenance of information security programs   

Qualifications 

  • Bachelor’s degree in computer science, information technology, engineering, or a related field with  
  • Relevant certifications such as Cisco CCIE Security, CCNP Security, Certified Information Systems Auditor (CISA), Certified Information Systems and Security Professional (CISSP), or Certified Information Security Manager (CISM) 

Behavioral competencies  

  • Communication 
  • Teamwork and collaboration  
  • Client orientation 
  • Results and execution orientation 
  • Decision making 
  • Analytical ability  

Disclaimer

This job description is not intended, and should not be constructed, to be an all-inclusive list of all responsibilities, skills, efforts, or working conditions as associated with a job. While this job description intended to an accurate reflection of the job requirements, management reserves the right to modify, add or remove duties from particular jobs and to assign other duties as necessary.   

During the time, there is no one in the position above the particular job, the person will be responsible for playing a stretch role and conducting the duties that specific position

Related Posts

From insights to thought-leadership

View More

ASP.NET Core Dependency Injection and Service Lifetimes

ASP.NET Core supports the Dependency Injection (DI) software design pattern that allows registering services and controlling how these services are instantiated and injected in different components.

Enabling farm-to-table transparency and visibility with Industry 4.0 technologies

In our last blog post on food supply chain visibility, we talked about why visibility and related concepts such as transparency and traceability matter. In this blog post, we delve into how food and beverage manufacturers and retailers can optimally use Industry 4.0 technologies to achieve and deliver stakeholder expectations concerning visibility, transparency, and traceability.

Building low-code feature-rich applications for CloudSuite with Infor Mongoose

A part of Infor CloudSuite, Mongoose acts as a Platform-as-a-Service (PaaS) and is fully integrated with Infor Ming.le and Infor ION. Due to Mongoose's ability to simplify the application designing and deployment process, Nucleus Research recently positioned Infor as a Leader in the Low-Code Application Platforms Value Matrix.

Six reasons to embrace food supply chain transparency

F&B manufacturers should not consider supply chain transparency a burden or an invasion of company privacy. When done right, transparency can benefit all stakeholders in the F&B supply chain: manufacturers, logistics, retailers, regulatory bodies, & most importantly, the conscious consumers. Explore why transparency matters and key concepts such as visibility, and traceability, in our latest blog post:

Making the most of your data with Infor-Ephesoft integration

Businesses generate mountains of data throughout the supply chain and at various customer and partner touchpoints. Leveraging these data is one of the critical goals for enterprises driven by innovation and as it helps them be more competitive, productive, and digital.

Finance & Accounting Guide: Enhancing productivity and accelerating processes with IDM Capture

The finance and accounting departments and processes are among the most critical and essential functions of a business. However, multiple studies indicate that about 50% of organizations are still wrangling their data manually.