Assistant Manager IT Security

Job Description

Dear Candidates,Greeting of the day!We have an urgent opening forAssistant Manager IT Security.Position Title: Assistant Manager IT SecurityGrade/Level: Sr. AssociateReporting Manager Title: Dy CISOLocation: Any LocationPosition Type: Permanent full-timeJob Summary (Please include a couple of lines on the firm and LoS)AM-Information Security who aligns with CISO office and IT Security team members to ensure there is an effective implementation of controls & process in place. Responsible for identification of Information & Cyber security risks, their impact assessment and appropriate measures put in place to eliminate them or mitigate their effect. Responsible for the IS implementation activities across business lines. In addition to that; should take ownership of a specific organisation wide process or technology implementation projects.Roles & Responsibilities (essential functions and responsibilities of the job):

• Oversees compliance with all business IS program elements, policies, standards, and guidelines.
• Lead, Maintain, update and document policies, procedures and other documentation requirements as mandated by the International Standard ISMS. Manage ISMS Certification Cycle. Coordinate with internal and external stakeholders. Review and update certification scope and requirements.
• Perform periodic internal reviews of ISMS, technology solutions, network, IT Systems and Applications to ensure its relevance and correctness and report for Gaps / Exceptions noted. Publish Periodic dashboard on the Non-Compliance.
• Participate in Information Security technology implementation projects. Perform Security Risk Assessments.
• Integrates Information security controls into day-to-day business
• Communicates with the CISO/BISO and business managers; escalates as appropriate.
• Provides general Information security consulting services, including interpretation and/or clarification.
• Assists business in client IS compliance activities
• Participate in IT Change Advisory Board Meetings. Sound knowledge on ITSM Processes like Change management, release management, problem management and incident management.
• Participate in the definition and implementation of IS standards at the business level
• Conduct Security awareness and Phishing activities on periodic intervals. Educates and advises the business on safe cyber security practices
• Develop and maintain links and close working with the CIO organization.
• Provide interpretations of current policies related to specific situations as they arise.
• Build consensus among stakeholders
• Coordinate internal and external audits. Follow up with Stakeholders towards closure of gaps identified. Act as a trusted advisor for business and other stakeholder and guide them towards risk mitigation.
• Oversee and handle incident response and security breach investigations. Manage IT Security exceptions, issue management and IT Security Incident management process.

Education and Experience:- 5 7 years experience in Information Security, ISO 27001, implementation and certifications- Ability to Understand Security Architecture and the underlying components (Viz. High availability, DR architecture, Operating systems etc)- Must have prior experience in at least two are more areas like Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, DLP, SOC, Incident Management, compliance, Vulnerability AssessmentCertifications: Minimum one strongly encouraged (CISSP, CISM or CISA) Education Level: Bachelor or equivalentsCandidate Specifications (insert the relevant personal skills here):Essential Skills:- Conceptual skills- Influencing skills- Conflict resolving skills- Service orientation- Managing ambiguity- Visioning and Strategizing- Diagnostics- Change Management- Decision Making- Coaching and counselingCV sifting criteria (definitive criteria which a CV must have. This helps us to screen out irrelevant CVs):- 5 - 7 year experience in Information / IT Security- CISSP / CISA / CISM- Experience in managing Information Security for large network- Security product implementation & program managementThe skills we look for in future employees (This is standard text that is incorporated into every job description. You do not need to add any content into this field. This is for your information only):All our people need to demonstrate the skills and behaviours that support us in delivering our business strategy. This is important to the work we do for our business, and our clients. These skills and behaviours make up our global leadership framework, The PwC Professional.The PwC Professional focuses on five core attributes; whole leadership, business acumen, technical capabilities, global acumen and relationships. We use this framework to recruit, develop and assess our people, at all grades and all areas of our business, because we expect all of our people to be leaders.

Keyskills :
release managementproblem managementincident managementchange managementcyber securityoperating systemssecurity risktechnology solutionsinformation security consultingit securitysecurity controlsrisk assessmentprogram managementsocsecurity a