اعلان توظيف صادر عن شركة الحكمة للصناعات الدوائية

Manager, Information Security

Job description:

1. JOB DETAILS:

Job Title:

Manager, Information Security

Reports to:

Sr. Director, Information Security

Department:

Information Technology

Function:

Information Security

Location

Jordan

2. JOB PURPOSE

This role will primarily oversee and manage Information Security GRC (Governance, Risk and Compliance) functions as part of the team. These include but not limited to Security Policy and Standards, Third Party Vendor Reviews, Security Exceptions, Phishing Testing and Security Awareness Communications, Security Metrics, and Legal Support.

This role will assist when needed with the security operations, security tools and capabilities within our global IT infrastructure.

This role will be responsible for collaborating with multiple groups across IT Infrastructure, Information Security, and IT operations.

This role will support in the development of the security strategy roadmap to ensure business objectives are supported and risk is assessed, minimized, and maintained within appetite.

4. KEY ACCOUNTABILITIES

Governance, Policy and Procedure Development

• Partners with IT Infrastructure, Information Security and engineering teams to identify and evaluate emerging risk and threats.
• Develops and maintains strong relationships with vendors and strategic external security partners.
• Supports the introduction and improvement of cyber security initiatives and requirements at regional and Group level in line with current best practices.
• Contribute to the development, implementation, and support of the publication of appropriate Information Security control standards, procedures and guidelines ensuring alignment with acknowledged international or professional standards and industry accepted best practice. Works with business and technology to ensure compliance.
• Supports data protection and data privacy initiatives.
• Develops and maintains good working relationships with stakeholders, colleagues, and business partners.
• Supports the acquisition, implementation and maintenance of security tools, processes, and procedures to support business initiatives and reduce risk.
• Oversee and manage Information Security GRC (Governance, Risk and Compliance) functions as part of the team. These include but not limited to Security Policy and Standards, Third Party Vendor Reviews, Audit Responses, Security Exceptions, Phishing Testing and Security Awareness Communications, Security Metrics, and Legal Support such as eDiscovery and Cyber Insurance related activities.

Team Management

• Collaborate with information security resources in line with local and group security requirements globally.

Risk Assessment

• Work with Information Security, IT and Procurement teams on reviewing Third Party Vendors and Service Providers to assess their security maturity as part of Hikma’s due diligence. Responsible for reviewing vendors on an ongoing basis as well.
• Assesses and monitors the Hikma Threat Landscape and ensures changes are reported to the Sr. Director of Information Security.
• Work with IT GRC team on maintaining the IT Security risk register.
• Work with IT GRC team on audit findings and remediations across IT teams such as Infrastructure and Applications teams.
• Provides support and guidance to the Legal Department in the technical aspects of investigation activities and requirements.
• Supports the Group Head of InfoSec in assessing the security maturity status of the company.

Metrics

• Develops security dashboards to identify and monitor the effectiveness of security controls.
• Ensures required security outputs are delivered on time and to an agreed standard

Training

• Lead the Global Security Awareness Communications and Training program

6. QUALIFICATIONS, EXPERIENCE, & SKILLS

QUALIFICATIONS

• Minimum: Degree in information security
• Preferred: Master’s degree

EXPERIENCE

• Minimum: 2-3 years of experience that is directly related to the duties and responsibilities as specified, and 3-5 years of experience in Information Security overall.
• Preferred: One or more of the following: ISC2 Certified Information System Security Professional (CISSP), ISC2 Governance Risk and Compliance (CGRC), ISACA Certified Information Security Manager (CISM), ISACA Certified Information Security Auditor (CISA), ISACA Certified in Risk and Information Systems Control (CRISC).

SKILLS

• Bachelor’s degree preferably in an IT-related discipline and 6+ years of IT experience within a regulated environment
• Experience supporting a broad range of security technologies and implementing modern network security architectures
• Knowledge of industrial centric protocols coupled with general network security experience including AV, IDS/IPS, firewalls, SEIM, etc.
• Working knowledge of common security frameworks and its application in IT environments
• Strong customer focus, leadership presence, influencing, collaboration, instilling trust, strategic thinking, communication, information-sharing, and organizational skills
• Excellent interpersonal skills with the ability to communicate effectively verbally and in writing with all levels within the organization, including both technical and non-technical personnel
• Up to 10-25% Domestic and International Travel will be required

للتقديم اضغط هنا

لسرعة الوصول للوظائف
سارع بالانضمام على قناة التلجرام
https://t.me/jobsjordan2024