IT Security Manager

Position Objective:

The IT Security Manager will be responsible for overseeing and enhancing the security framework of the organization. This includes ensuring the confidentiality, integrity, and availability of information assets across our local and global operations. The ideal candidate will have a strong background in IT security, risk management, and compliance, with experience in managing security in a complex, multi-faceted environment.

RESPONSIBILITIES:

Device Patching, Training and Email Phishing Campaigns:

Security Strategy and Framework \ Compliance \   Incident Management:

• Manage and deploy patches for servers and user devices.
• Provide guidance and training to staff on security best practices and emerging threats and manage simulated phishing campaigns.
• Monitor and report on the effectiveness of security operations and initiatives to senior management.
• Conduct regular risk assessments and vulnerability analyses to identify and mitigate potential security threats. (including coordination of Penetration Testing)
• Develop, implement, and maintain the overall information security strategy and framework.
• Assist in the development and implementation of security policies, standards, and procedures.
• Manage and respond to security incidents and breaches; assist in conducting root cause analyses and implementing corrective actions.
• Ensure compliance with relevant legal and regulatory requirements, including GDPR, HIPAA, and other data protection laws.
• Collaborate with IT, compliance, and business units to integrate security into all aspects of the organization’s operations.

Perform Day-to-day Administration tasks

• Monitor security alerts and incident reports, conducting initial investigations and escalating as necessary.
• Provide IT security support and guidance to employees, addressing security-related queries and incidents.
• Perform regular audits of servers to ensure patch compliance.
• Perform regular audits of user security to ensure compliance.

Human Resources

• Comply with all HR policies and procedures.
• Comply with relevant employment laws.

Other

• Other duties as assigned.

qUALIFICATIONS

• Bachelor’s degree in computer science, Information Security, or a related field.  Master’s degree is a plus.
• Minimum of 5 years of experience in IT security management.
• Relevant industry certifications (e.g., CISSP, CISM, CEH).
• Proven experience in managing security operations, including patch management, phishing training, penetration testing, and incident response within a regional scope.
• In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST, COBIT).
• Strong understanding of network security, encryption, threat modelling, and security incident management.
• Experience with security tools and technologies, including SIEM, IDS/IPS, DLP, and endpoint protection.
• Excellent problem-solving and analytical skills.
• Strong project management and team leadership capabilities.
• Ability to work effectively in a fast-paced, global environment.
• Strong communication and interpersonal skills, with the ability to convey complex security concepts to non-technical stakeholders.

working conditions

• Normal office working environment.  Hybrid schedule.

other factors

• Some travel required, 20%