Information Security Manager

Information Security Manager

Responsibilities:

• Oversee governance of vulnerability management, ensuring SLA adherence, reporting metrics, and managing escalations.
• Drive DevSecOps governance, including code-level vulnerability remediation and static application security testing (SAST) oversight.
• Manage cloud security governance for environments hosted on Azure, AWS, and Oracle Cloud Infrastructure (OCI).
• Implement and maintain container security controls across hybrid cloud infrastructures.
• Support offensive security activities, including red teaming and cyber simulation exercises, and enforce follow-up governance actions.
• Collaborate with the Data Protection Officer (DPO) to strengthen Data Leak Prevention (DLP) efforts.
• Develop and manage SIEM compliance use cases, focusing on policy violations such as unauthorized software use, privilege escalation, and multi-factor authentication (MFA) enforcement.
• Ensure logging practices are standardized and SIEM integrations are complete across all monitored domains.
• Determine risk escalation paths and manage Governance, Risk, and Compliance (GRC) workflows.
• Define, implement, and optimize governance processes to improve overall security effectiveness.
• Evaluate vendor performance and ensure strategic alignment with the organization's cybersecurity goals.

Requirements:

• Demonstrated leadership experience in managing security compliance and governance programs.
• Proficient in industry-standard security frameworks (e.g., NIST, ISO, CIS).
• Ability to translate technical issues into business impact, communicating effectively with both technical and non-technical audiences.