Job Description
**Information Security Manager** Protect sensitive information systems from unauthorized access, data breaches, and cyber threats while ensuring adherence to industry standards, regulations, and best practices. We are seeking a seasoned Information Security Manager to play a crucial role in shaping and overseeing our information security strategies, policies, and procedures. The ideal candidate will have a strong background in risk management, cybersecurity, and compliance, with a proven track record of developing and implementing effective security strategies in a corporate setting. **Key Responsibilities:** * **Policy Development and Implementation:** * Design and uphold comprehensive information security policies and procedures to protect digital assets. * Ensure compliance with security standards and regulations such as ISO 27001 and GDPR. * **Risk Management:** * Identify, evaluate, and prioritize information security risks. * Develop and implement plans to mitigate these risks, including conducting vulnerability assessments, risk assessments, and incident response protocols. * **Incident Response:** * Lead and coordinate incident response teams to detect, investigate, and resolve security breaches or incidents. * Develop and maintain a robust incident response plan, including communication with relevant stakeholders. * **Training and Awareness:** * Manage ongoing information security awareness training programs for employees. * Promote security best practices and foster a security-conscious culture within the organization. **Qualifications & Experience:** * A third-level qualification is preferred. * Recognized information security/cybersecurity certification is preferred. * At least 5 years of experience in information security, cybersecurity, or related roles with a focus on risk management. * Proven experience in developing and implementing security strategies in a corporate setting. * Familiarity with regulatory compliance and security frameworks (e.g., GDPR, ISO 27001). * Proficiency in security frameworks (e.g., ISO 27001, NIST). * Knowledge of EU regulations such as EBA Guidelines on ICT and Security Risk Management, EBA Guidelines on Outsourcing Arrangements, and DORA. * Experience with risk management and penetration testing. * Excellent communication skills, both written and verbal, with the ability to convey key metrics effectively. * Demonstrated ability to influence strategic decision-making at the executive level and translate technology insights into business strategies. * Strong client focus with an analytical and problem-solving mindset and attention to detail. * Ability to meet tight deadlines and complete deliverables as assigned by the Head of Risk and Compliance.