Information Security Manager
Primary job role
- The Information Security Manager will be responsible for implementing network and information security policies across the organization. The role holder will also assess IT-systems and network-related threats within and outside the organization and enforce necessary corrective actions and preventive measures.
- Perform operational establishment and preventive maintenance of backups, recovery procedures, and enforce security and integrity controls.
- Facilitate proof of concept (POC) and other business-related information security and compliance testing for applications and systems.
- Securely and effectively manage the next generation firewall infrastructure through the managed services partner and ensure proper standards and best practices are followed and reviewed on frequent basis to ensure highest security effectiveness, and minimum business interruption with proactive identification of issues and timely resolution.
- Ensure disk- and file-level service and system encryption execution through support teams
- Work with business units to ensure data is classified correctly and implement gateway and endpoint DLP frameworks and continuous monitoring mechanisms.
- Set the information security strategy for the company and Assess, test, and select new security products and technologies to bridge any gaps identified, prepare cost estimates, management justification and plan the timely delivery of the project.
- Provide 24×7 on-call support and execute maintenance activities for both planned and unplanned activities to minimize disruption to the business.
- Test information security systems, firewalls, and upgrades, such as debugging, tracking, reproduction, logging, and resolving all identified problems, according to approved quality testing scripts, procedures, and processes.
- Troubleshoot and provide service support in diagnosing, resolving and fixing system, application, infrastructure, hardware, and software malfunctions.
- Establish and oversee formal risk analysis and self-assessment program for various information services systems and processes.
- Identify, investigate, and resolve security breaches through forensic analysis. Conduct physical examinations of property to ensure compliance with security policies and regulations.
- Conduct red teaming assessments, penetration tests, Vulnerability assessments and provide recommendations for the mitigation of identified threats/gaps and ensure timely completion of corrective actions.
- Conduct training programs to improve the security awareness of business users to minimize breaches and carry out security drills to identify the effectiveness of the awareness sessions and take corrective actions to fix the identified gaps.
- Coordinate with other teams to define security best practices and conduct regular audits to identify if they are adhering to the same.
- Be up to date with new threats and attacks and take actions to mitigate them.
- Collaborate with security consultants, organizations, vendors, suppliers, service providers, and external resources to analyze, recommend, install, and maintain infrastructure, systems, and software security applications.
- Work with cross-functional teams to evaluate risks and recommend remediation solutions for identified vulnerabilities and track remediation.
- Develop knowledge and stay updated on Security monitoring tools and processes, and design and maintain technical security controls.
- Implement, maintain and administer information security documentation, guidelines, policies and procedures, instructions, recording and detailing operational procedures and system logs
- 5 to 6 years of relevant experience in the design and maintenance of information security programs, conducting red teaming assessments and penetration tests with expertise to identify gaps/misconfigurations/vulnerabilities in network infrastructure/systems and applications with the respective corrective actions.
- Bachelor’s degree in computer science, information technology, engineering, or a related field with relevant certifications such as Cisco CCNP Security/Offensive Security Certified Professional (OSCP) / Offensive Security Certified Expert (OSCE)
- Teamwork & collaboration
- Client orientation
- Results & execution orientation
- Decision making
- Analytical ability
From insights to thought-leadershipView More
Enabling farm-to-table transparency and visibility with Industry 4.0 technologies
In our last blog post on food supply chain visibility, we talked about why visibility and related concepts such as transparency and traceability matter. In this blog post, we delve into how food and beverage manufacturers and retailers can optimally use Industry 4.0 technologies to achieve and deliver stakeholder expectations concerning visibility, transparency, and traceability.
Building low-code feature-rich applications for CloudSuite with Infor Mongoose
A part of Infor CloudSuite, Mongoose acts as a Platform-as-a-Service (PaaS) and is fully integrated with Infor Ming.le and Infor ION. Due to Mongoose's ability to simplify the application designing and deployment process, Nucleus Research recently positioned Infor as a Leader in the Low-Code Application Platforms Value Matrix.