fbpx

Information Security Lead

Primary job role 

The Information Security Lead will be responsible for implementing network and information security policies across the organization. The role holder will also assess IT- and network-related threats within and outside the organization and enforce necessary corrective actions and preventive measures. 

Main duties/responsibilities 

  • Perform operational establishment and preventive maintenance of backups, recovery procedures, and enforce security and integrity controls 
  • Facilitate proof of concept (POC) and other business-related information security and compliance testing for applications and systems 
  • Manage and maintain the firewalls and firewall clusters across geographies 
  • Set up and deploy new firewall infrastructure, manage firewall capacity, and optimize firewall rules 
  • Provide technical support on all internal/perimeter security aspects of firewall operations (e.g., VPNs, IDS/IPS, DLP, Web Filtering, Radius) and escalate security issues to vendors 
  • Ensure disk- and file-level service and system encryption execution through support teams 
  • Work with business units to ensure data is classified correctly and implement gateway and endpoint DLP frameworks and continuous monitoring mechanisms 
  • Assess, test, and select new security products and technologies, prepare cost estimates, and identify integration issues 
  • Provide 24×7 on-call support and execute maintenance activities for both planned and unplanned activities to minimize disruption to the business 
  • Test information security systems, firewalls, and upgrades, and debug, track, reproduce, log, and resolve all identified problems, according to approved quality testing scripts, procedures, and processes 
  • Troubleshoot and provide service support in diagnosing, resolving, and fixing system, application, infrastructure, hardware, and software malfunctions 
  • Establish and oversee formal risk analysis and self-assessment program for various information services systems and processes 
  • Identify, investigate, and resolve security breaches through forensic analysis. Conduct physical examinations of property to ensure compliance with security policies and regulations 
  • Conduct training programs to improve the security awareness of business users to minimize breaches and carry out security drills to identify the effectiveness of the awareness sessions and take corrective actions to fix the identified gaps 
  • Coordinate with other teams to define security best practices and conduct regular audits to identify if they are adhering to the same 
  • Be up to date with new threats and attacks and take actions to mitigate them 
  • Collaborate with security consultants, organizations, vendors, suppliers, service providers, and external resources to analyze, recommend, install, and maintain infrastructure, systems, and software security applications 
  • Work with cross-functional teams to evaluate risks and recommend remediation solutions for identified vulnerabilities, and track remediation 
  • Develop knowledge, stay updated on Security monitoring tools and processes, and design and maintain technical security controls 
  • Implement, maintain and administer information security documentation, guidelines, policies and procedures, instructions, recording and detailing operational procedures and system logs 

Experience 

  • 5 to 6 years of relevant experience in the design and maintenance of information security programs   

Qualifications 

  • Bachelor’s degree in computer science, information technology, engineering, or a related field with  
  • Relevant certifications such as Cisco CCIE Security, CCNP Security, Certified Information Systems Auditor (CISA), Certified Information Systems and Security Professional (CISSP), or Certified Information Security Manager (CISM) 

Behavioral competencies  

  • Communication 
  • Teamwork and collaboration  
  • Client orientation 
  • Results and execution orientation 
  • Decision making 
  • Analytical ability  

Disclaimer

This job description is not intended, and should not be constructed, to be an all-inclusive list of all responsibilities, skills, efforts, or working conditions as associated with a job. While this job description intended to an accurate reflection of the job requirements, management reserves the right to modify, add or remove duties from particular jobs and to assign other duties as necessary.   

During the time, there is no one in the position above the particular job, the person will be responsible for playing a stretch role and conducting the duties that specific position

Related Posts

From insights to thought-leadership

View More

Making the most of your data with Infor-Ephesoft integration

Businesses generate mountains of data throughout the supply chain and at various customer and partner touchpoints. Leveraging these data is one of the critical goals for enterprises driven by innovation and as it helps them be more competitive, productive, and digital.

Finance & Accounting Guide: Enhancing productivity and accelerating processes with IDM Capture

The finance and accounting departments and processes are among the most critical and essential functions of a business. However, multiple studies indicate that about 50% of organizations are still wrangling their data manually.

6 ways how Ephesoft accelerates data entry to your Infor solution

Our latest blog post covers six reasons why enterprises should implement IDM Capture, an add-on developed by Ephesoft and Infor that leverages ML, AI, OCR, and ICR to capture, process, classify, extract, and validate data from multiple sources.

Post-pandemic fashion manufacturing: Essential technology for the manufacturer

In my previous blog series I discussed how fashion companies could adapt to meet the challenges of the new normal. For the most part, I focused on brands, but the same principles apply to fashion manufacturing. In this blog post, let’s focus on how manufacturers can adapt to the new normal by achieving visibility and collaboration with the right software.

Post-pandemic fashion manufacturing: Bridging the East-West divide

Twenty years ago, I started my career at an Asian apparel manufacturer. Tech-packs would come in from big brands from the US and Europe. We would gather in meeting rooms late into the night, deciphering the documents and pulling together a sample as best we could. If the sample was approved, we would confirm delivery dates to the brand six months in advance.

Is moving to the cloud the secret to a more sustainable supply chain?

Corporate sustainability is increasingly becoming a differentiator of business performance and financial success. Not only will sustainability help the planet recover from the harm that has been inflicted by aggressive industrialization, but it will also add value to your brand by attracting eco-conscious customers who demand green products.