Information Security Manager

at  Chemtrade

Job Description:

The Information Security Manager will oversee the Information Security Management function providing leadership and strategic direction. This role involves working with cross-functional teams and be responsible for the governance and compliance of Chemtrade environments.
Qualifications
-

Both CISSP and CISM Certifications are required for this role.

• 10+ years of experience in designing, developing, and maintaining IT cybersecurity solutions.
• 5+ years of experience assessing against standards and frameworks (ISO 27001/27002, ISO 15408, NIST Cybersecurity Framework)
• Experience in deployment of security controls in endpoints, networks, including network zoning, segmentation and isolation designs and implementation.
• Understanding of OT cybersecurity frameworks (IEC-62243, NIST SP 800-82 R2, NIST CSF).
• Hands on implementation experience of current and emerging state-of-the-art IT security technologies, architectures, and products.
• Strong communication, problem solving, and analytical skills in high pressure situations.
• Ability to collaborate effectively at all levels and functions.
• Strong organizational skills.
• Strong written and verbal communication skills.
• Self–starter with ability to work as part of a team.
• Excellent time management and analytical skills.
• Ability to learn new processes and technologies quickly.

Responsibilities

• Ensure strong and effective Information Security Governance and Risk Management- including operational risks.
• Help develop and implement processes to assess and/or monitor the effectiveness of IT Security, Risk and Control procedures to ensure adherence to standards and policies as appropriate.
• Drive Security Governance with service providers and liaising with Senior Management for guidance.
• Conduct regular vulnerability assessments and penetration testing on IT systems to identify potential security risks.
• Implement security policies, procedures, and standards for the IT environment.
• Develop IT Cyber Security standards and baselines with associated KPIs.
• Evaluate compliance with applicable regulations, standards and policies.
• Conduct security awareness training for employees and contractors.
• Work with third-party vendors and contractors to ensure that their systems and services are secure and compliant with company policies.
• Maintain up-to-date knowledge of industry best practices, new security threats, and emerging technologies to ensure IT security measures are effective and current.
• Collaborate with OT Cybersecurity team to ensure that OT systems are integrated with the overall IT infrastructure in a secure and compliant manner.
• Analyze, troubleshoot, and investigate security related incidents, events, and alerts using proper tools or even manual techniques.
• Develop and maintain incident response plans and procedures for IT security incidents.
• Provide support for audit and remediation activities as required.
• Supporting the development of cyber threat modeling and business impact analysis to ensure the environment is adequately protected with proper cybersecurity measures, tools, and controls.
• Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing a realistic overview of risks and threats in the operational environment.
• Assist in the development of training, procedures, and documentation for internal and external audiences.
• Strong knowledge supporting and troubleshooting network assets.