Information Security & Governance Manager

This position's main responsibility is managing our security posture across all business streams at the acceptance level. The role involves being a business partner to identify and mitigate cyber, information security, and fraud vulnerabilities.

1. Drive and conduct security assessments for business streams, internal system tooling (ERP, low-code development tools), and external integrations (API, system-to-system).
2. Develop digital forensics mechanisms and tooling (focusing on data trailing, transaction audit trail, SIEM, alerting) in collaboration with the cybersecurity team.
3. Create comprehensive reports, communicate with stakeholders, and ensure complete remediation of security vulnerabilities.
4. Maintain updated documentation related to cyber, information security, and fraud risks for each business stream.
5. Manage and ensure the effective execution of the Information Security Awareness Program, including workshops and awareness campaigns.
6. Develop and maintain SOPs and policies related to information security to meet key security objectives.
7. Manage and develop the ISO 27001 program to retain certification and foster a security-aware culture.
8. Drive strategy and organizational development for the Information Security Governance team to support the CIS department in achieving its goals.
9. Assist or serve as project manager for key CIS department projects, depending on their criticality and delegation by the HOD.

1. Bachelor's degree in any field, preferably in technology or finance.
2. Minimum of 4 years of experience in Anti-Fraud, Cyber Fraud, MIS, Data Analysis, Business Operations, System Analysis, Security Analysis, SOC, or IT Governance Risk & Compliance.
3. Proficiency in SQL and data query technologies (preferred).
4. Understanding of information security principles, anti-bribery, corruption, and fraud activities.
5. Excellent analytical and problem-solving skills.
6. Attention to detail and ability to work under tight deadlines.
7. Basic business acumen.
8. Effective communication and interpersonal skills for cross-functional collaboration.
9. Strong knowledge of Role-Based Access Control and Audit Trail mechanisms.
10. Knowledge of information security compliance standards (ISO 27001, UU PDP, SOC2, etc.).
11. Hands-on experience with cybersecurity tools and data security standards (API security, threat intelligence tools, DLP, SIEM, Burp Suite, Kali Linux).

Evermos is committed to providing an inclusive environment with equal opportunities for all applicants regardless of race, color, religion, gender, national origin, disability, age, genetic information, marital status, pregnancy, or related conditions. Discrimination or harassment based on these characteristics will not be tolerated.

We emphasize the importance of diversity in all aspects of employment, including recruitment, hiring, promotions, training, and organizational operations.