1. Objectives & Responsibilities
a. Strategy & Planning:
- Develop and implement a comprehensive information security strategy and program.
- Establish security policies, procedures, and standards to protect company assets.
- Lead risk assessment and management processes, including threat modeling and vulnerability assessments.
b. Leadership & Management:
- Manage a high-performing information security function.
- Provide guidance and mentorship to IT team members.
- Coordinate with other departments to ensure alignment with security policies and objectives.
c. Compliance & Governance:
- Ensure compliance with relevant laws, regulations, and industry standards (e.g., GDPR, HIPAA, PCI-DSS).
- Oversee the development and implementation of information security policies and procedures.
- Conduct regular audits and assessments to ensure ongoing compliance.
d. Incident Response & Management:
- Develop and oversee incident response planning and execution.
- Lead the response to security breaches and incidents, including forensic analysis and remediation.
- Communicate with relevant stakeholders during incidents, including executive management and, when necessary, external parties.
e. Education & Awareness:
- Promote security awareness across the organization.
- Develop and deliver training programs to educate employees on security best practices and policies.
f. Technical Oversight:
- Stay abreast of the latest security technologies, threats, and trends.
- Oversee the implementation and management of security technologies and solutions (e.g., firewalls, intrusion detection/prevention systems, endpoint protection).
g. Vendor Management:
- Manage relationships with external vendors and service providers.
- Assess and select security vendors to ensure they meet the company's security requirements.
- Negotiate contracts and service level agreements to maximize value and security benefits.
- Oversee vendor performance and ensure compliance with contractual obligations.
2. Job Requirements
a. Education & Certifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Relevant certifications such as CISSP, CISM, CISA, or equivalent.
b. Experience:
- 7+ years of experience in information security roles.
- Proven experience in a senior leadership role.
- Demonstrated success in developing and implementing security strategies and programs.
c. Skills & Competencies:
- In-depth knowledge of information security management frameworks (e.g., ISO/IEC 27001, NIST).
- Strong understanding of the current threat landscape and security technologies.
- Excellent leadership, communication, and interpersonal skills.
- Ability to work under pressure and manage multiple priorities.
- Strong problem-solving and decision-making skills.
3. Salary
- Open, supportive and collaborative culture
- Performance review every 6 months
- Flexible working hours with 44 hours per week
- Lunch allowance and free drinks (coffee, tea, snacks, ...)
- Premium health insurance package
- Paid leave (12 days/year)
- 13th-month salary bonus
4. Apply
- Email: [protected info]
- Tel: [protected info]