Information Security Manager at Accelerex Network Limited

Role Summary

• We are currently seeking an intelligent and experienced Security Manager to join our team.
• The ideal candidate will be a key contributor to security architecture and technology decisions, defining communicating, planning, and executing all company and business unit goals in the security and compliance space.

Responsibilities

• Drive application and network security activities across the organisation
• Evaluate, design, deploy, support, and monitor information security systems
• Identify security exposures and develop to mitigate against same.
• Build and execute on project roadmaps
• Work with the technical operations team to implement information security solutions for the organisation
• Plan and run security awareness exercises and teach secure behavior and methods
• Lead and manage security incident response activities and forensic investigations
• Lead the implementation of best-practice security procedures, standards, and guidelines
• Support the organisation in developing and maturing their own application security program
• Lead compliance activates such as external audits from customers, regulatory compliance projects, and overall information security reviews
• Engage in cross business unit Security teams as the lead representative for the organisation.

Requirements

• Bachelor's Degree in Computer Science / Engineering / Information Security or equivalent work experience
• Minimum of 8 years of experience in information security.
• Experience working with and managing application security programs in an agile environment
• CISSP, CISM, CISA, Security+ or comparable Information Security Assurance certification
• Experience with financial industry security governance, including PCI DSS, SOC2 and state regulations
• Self-starter, able to work with a mix of technical and non-technical clients
• Strong documentation skills are a must
• Ability to perform technical risk assessments, triage security-testing results and manage security response actions.
• Demonstrable expertise in:
  • Linux / Windows / workstation / mobile device security hardening
  • Understanding Cloud Security best practices
  • External Regulatory compliance efforts, specifically PCI DSS
  • Secure Development Lifecycle practices and methods
  • Technical monitoring, troubleshooting, impact determination, and problem solving
  • Vulnerability and penetration testing
• Experience researching, implementing and administration of security infrastructure Application vulnerability and Web Application protection solutions:
  • Intrusion protection, firewalls, and SIEM tools.
  • File integrity monitoring, data loss prevention, and network access control.
  • Event log aggregation and analysis.