Responsibilities:
- Analyze and prioritize vulnerabilities based on severity, potential impact and business risk, and collaborate with relevant teams to implement effective mitigation strategies.
- Provide strategic guidance, insights, and direction on technological, cybersecurity, and policy-related topics.
- Lead and participate in the development, implementation, and continuous improvement of incident response procedures and processes.
- Collaborate with other teams at multiple geographic locations to investigate and document security incidents and root causes, and recommend remediation actions.
- Plan and appraise the ongoing assessment of antivirus, application control, firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention, and other network component policies.
- Manage and configure security systems such as firewalls, intrusion detection and prevention systems, anti-virus software, and other security-related software and hardware.
- Monitor systems, servers, and networks to detect and respond to potential security threats or suspicious activities.
- Develop and implement security policies and procedures that ensure the organization’s data and systems are protected against cyber threats.
- Conduct regular vulnerability assessments and penetration testing to identify potential security weaknesses and risks and to improve the organization’s security.
- Report all security incidents to the home office and work with corporate IT on response and resolution strategy.
- Contribute to the development and execution of security awareness training programs for employees to enhance security awareness and best practices.
- Stay up to date with the latest cybersecurity threats, attack techniques and incident response strategies.
Requirements:
- Bachelor’s Degree in Computer Science/Information Technology or equivalent.
- At least 5 years of experience in a cyber or information security management role.
- Strong knowledge of the latest cybersecurity threats, trends, modern cybersecurity concepts, and technologies (zero trust, CIS Controls, OWASP, MITRE ATT&CK, XDR, CloudSec, AppSec, NIST, ITIL, Azure Well-Architected Framework, etc.).
- Experience in domains of Cyber Security Operations, Incident Response, Forensic Investigation, Threat Intelligence, or Vulnerability Management preferred.
- Ability to manage and configure security systems, monitor network traffic and system logs, conduct regular security assessments and respond to security incidents.
- Demonstrated understanding of business processes, IT risk management, and related standards.
- Proficiency in utilizing industry-standard tools for vulnerability scanning, assessment, and penetration testing.
- Excellent problem-solving skills and the ability to think critically under pressure.
- Effective communication and interpersonal skills, with the ability to collaborate across teams and convey technical concepts to non-technical stakeholders.
- Proven track record of staying current with evolving cybersecurity threats and best practices.
- Exceptional planning and organizational skills, and excellent written and oral communication.
- Self-starter with initiative and the ability to effectively prioritize and execute tasks with direction from corporate headquarters.
- Professional information security certification preferred, such as:
  - CompTIA Security+
  - Certified Information Systems Security Professional (CISSP)
  - Certified Information Systems Auditor (CISA)
  - Certified Information Security Manager (CISM)