We are seeking a highly skilled and experienced Security Information Manager to oversee the development, implementation, and management of our information security programs.
This role will be responsible for safeguarding our critical assets, ensuring compliance with regulatory requirements, and minimizing security risks.
Responsibilities:
- Develop and implement an information security strategy and framework for the organization, focusing mainly on NIS2 and a possible ISO 27000 certification.
- Conduct regular risk assessments to identify potential security threats and vulnerabilities.
- Establish and enforce security policies, procedures, and standards across the organization.
- Manage the deployment, maintenance, and monitoring of security technologies, including firewalls, intrusion detection systems, and data loss prevention systems.
- Lead incident response efforts to identify, mitigate, and recover from security incidents.
- Collaborate with cross-functional teams to ensure the security of networks, systems, and applications.
- Stay up-to-date with the latest security trends, technologies, and regulatory requirements.
- Conduct security awareness training programs for employees to promote a culture of security awareness.
- Monitor and analyse security logs and reports to identify patterns and potential security breaches.
- Work closely with vendors, auditors, and third-party providers to ensure compliance with security standards and requirements.
Requirements:
- Bachelor's degree in Information Technology, Law, or a related field. A Master's degree is preferred.
- English proficiency (min. B2 level)
- Minimum of 3 years of experience in information security
- Solid track record of successfully implementing/managing an ISMS within medium/large-sized corporations
- In-depth knowledge of information security principles, technologies, and best practices.
- Strong understanding of regulatory requirements, such as NIS(2), local cyber security regulations in the Czech Republic, NERC CIP, ISO 27001, and GDPR.
- Experience in conducting risk assessments and developing risk mitigation strategies.
- Proficient in the deployment and management of security technologies, including IDS/IPS, SOC, SIEM, SOAR and DLP systems.
- Excellent communication skills, with the ability to collaborate effectively with cross-functional teams.
- Relevant certifications, such as CISSP, CISM, or CRISC, are highly desirable.
Benefits:
- Home office (1x a week)
- Courses and training
- Professional growth
- Meal allowance
- Bonus pension and health insurance
- Bonuses
- 7,5 working hours a day
- Company events
- Ability to travel
- Stable international company
- Contracts several years in advance