Information Security Manager

3 days ago Be among the first 25 applicants The Information Security Manager is responsible for safeguarding the organization’s information assets by implementing, managing, and overseeing the company’s security policies, protocols, and procedures. This role involves identifying and mitigating security risks, ensuring compliance with industry standards, and leading efforts to protect sensitive data across all digital platforms. Responsibilities Assess risk and ensure security systems and operations comply with organizational and regulatory requirements Lead the development and execution of security strategies and policies Responsible for day to day execution of security policies and procedures. Use monitoring tools to identify threats and incidents Analyze, design, manage and deliver the services required to minimize the negative impact of security incidents and restoring normal service operation as quickly as possible Advise appropriate senior leadership on risk levels and changes affecting the organization\'s cybersecurity posture Work with leadership, financial resources, and key security personnel to support IT security goals and reduce overall organizational risks Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies Assure successful implementation and functionality of security requirements and IT policies and procedures Continuously validate the organization against policies, guidelines, procedures, regulations, laws to ensure compliance Interpret patterns of noncompliance to determine their impact on risk and the cybersecurity program Identify alternative information security strategies to address organizational security objectives Ensure cybersecurity requirements are integrated into continuity planning Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning security of network operations Coordinate cybersecurity inspections, tests, and reviews for the network environment Participate in developing or modifying the cybersecurity program plans and requirements Support compliance activities (e.g., configuration guidelines, monitoring) Recognize security violations and report incidents as required Manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered Collect and maintain data needed to meet cybersecurity reporting Identify IT security program implications of new technologies or upgrades Identify security requirements for IT systems in all life cycle phases Lead information security risk assessment during the Security Assessment and Authorization process Evaluate and approve development efforts to ensure baseline security safeguards Provide system-related input on cybersecurity requirements for procurement Promote awareness of security issues among management and reflect sound security principles in the organization\'s vision and goals Communicate IT security value across stakeholders Oversee information security training and awareness program Monitor information security data sources to maintain organizational situational awareness Ensure plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc. Track audit findings and recommendations to ensure mitigation actions are taken Core Competencies Business Continuity Computer Network Defense Database Administration Encryption Information Systems/Network Security Network Management Operating Systems Policy Management Threat Analysis Additional Knowledge Areas ISO 27000 – NIST – CIS – Data Privacy Qualifications Bachelor’s degree in Information Security, Computer Science, or related field. Proven experience (5+ years) in information security management, IT risk management, or similar roles. Strong understanding of current IT threats, security protocols, and industry best practices. Professional certifications such as CISSP, CISM, or equivalent is an advantage. Excellent leadership, communication, and project management skills. About DAVI Data Analytics Ventures Inc. (DAVI) is the Gokongwei Group\'s loyalty and data analytics company, specializing in deep-dive data analysis to enhance business processes and customer experiences. Leveraging rich data, DAVI helps businesses understand brand and category performance, identify growth opportunities, and optimize decisions. With a team of industry leaders and innovators, DAVI fosters a culture of excellence, continuous learning, and mentorship, empowering employees to shape their careers and contribute to the rapidly evolving data industry. #J-18808-Ljbffr