Assistant Manager/ Manager, Information Security

• Maintain and enhance information security framework to address evolving cybersecurity threats.
• Lead management review and lesson learned meetings to improve security posture.
• Conduct security awareness workshops and publish advisories to promote a security-first culture.
• Provide regular reporting to management on security performance, compliance status, and risk exposure.
• Perform risk assessments on IT systems, networks, and applications, and implement controls to mitigate identified risks.
• Monitor security alerts and threat intelligence to detect and respond to potential cyber threats.
• Perform information security audits and recommend effective measures to address gaps and inefficiencies.
• Manage incident containment, eradication, and recovery to minimize impact and restore operations swiftly.
• Coordinate with stakeholders to implement security initiatives.
• Provide input into information security spending and budgeting.

Minimum Education / Qualifications

• Degree in Information systems or equivalent.

Minimum Years of Relevant Experience

• 2 years’ experience in setting up and managing information security operations.

Knowledge/Skills

• Experience in ISO27001 ISMS, CIS, and/ or NIST frameworks.
• Experience in managing threat, vulnerability and incident, and understanding in digital forensic investigation, tools, and processes.
• Knowledge in security protections, practices, or solutions like Firewall, IDS/IPS, network segmentation, DLP, WAF, NAC, WiFi security, cryptography, endpoint protection, OWASP, etc.
• Certifications in CISA, CISM, CISSP and/ or PMP will be an advantage.
• Knowledgeable in Microsoft Office and other Windows and web applications.

• Meticulous and hands on.
• Excellent communication and written skills.
• Strong analytical and problem-solving skills.
• Team player with excellent interpersonal skills and multi-tasker.
• Customer-centric and proactive.