Background information about the job or company:

The Manager ICT Security will report to the Chief Information Security Officer and will be responsible for the development, implementation, and maintenance of standards and systems to ensure secure information systems and data.

Responsibilities or duties:

• Work directly with business units to facilitate IT risk assessment and risk management processes.
• Provide regular reporting on the status of the information security program.
• Create and manage information security and risk management awareness training programs.
• Liaise with the enterprise architecture team to ensure alignment between security and enterprise architectures.
• Participate in security incident and event management.
• Monitor the external threat environment for emerging threats.
• Coordinate the development of implementation plans and procedures for business-critical services recovery.
• Follow up the consistent application of policies and standards across all technology projects.
• Support and consult with IT and security staff.
• Research, evaluate, design, test, recommend, or plan the implementation of new or updated information security hardware or software.
• Work with the enterprise systems team to ensure alignment between business, technical, and security requirements.
• Develop a strong working relationship with the security engineering team.

Qualifications or requirements:

• Bachelor’s degree in computer science, Information Technology, or related field.
• At least one of the following certifications: CISM, CISSP, CRISC, CEH, CHFI, CASP+.
• Minimum of five years of progressive experience in IT, with at least two years in cybersecurity responsibilities.
• Hands-on experience with various cybersecurity technologies.
• Strong knowledge of cyber threat intelligence, red/blue team operations, and crisis management.
• Experience in designing and implementing cybersecurity strategies and risk management frameworks.
• Ability to link and apply cybersecurity technologies to business strategies.

Experience needed:

A minimum of five years of progressive experience in IT, with at least two of those years specifically involving cybersecurity responsibilities.

• Work directly with business units to facilitate IT risk assessment and risk management processes.
• Provide regular reporting on the status of the information security program.
• Create and manage information security and risk management awareness training programs.
• Liaise with the enterprise architecture team to ensure alignment between security and enterprise architectures.
• Participate in security incident and event management.
• Monitor the external threat environment for emerging threats.
• Coordinate the development of implementation plans and procedures for business-critical services recovery.
• Follow up the consistent application of policies and standards across all technology projects.
• Support and consult with IT and security staff.
• Research, evaluate, design, test, recommend, or plan the implementation of new or updated information security hardware or software.
• Work with the enterprise systems team to ensure alignment between business, technical, and security requirements.
• Develop a strong working relationship with the security engineering team.

• Bachelor’s degree in computer science, Information Technology, or related field.
• At least one of the following certifications: CISM, CISSP, CRISC, CEH, CHFI, CASP+.
• Minimum of five years of progressive experience in IT, with at least two years in cybersecurity responsibilities.
• Hands-on experience with various cybersecurity technologies.
• Strong knowledge of cyber threat intelligence, red/blue team operations, and crisis management.
• Experience in designing and implementing cybersecurity strategies and risk management frameworks.
• Ability to link and apply cybersecurity technologies to business strategies.