ConnectOS is hiring a
Information Security Manager, Remote - Philippines

Summary

The job description is for an Information Security Manager role in a leading infrastructure provider based in Australia that offers embedded crypto solutions. The role involves managing the organization's information security policies, overseeing change agendas, managing Business-as-Usual monitoring and response capabilities, developing and operating security programs, proposing risk mitigation measures, leading incident response teams, designing security solutions, ensuring information security within projects, and advocating for security awareness across the organization. The role requires a tertiary qualification in Information Security or a related field, 7+ years of experience in Information Security with 2+ years in a lead or manager role handling a small team, prior experience building/scaling a security team is desirable, and strong reporting and communication skills.

Requirements

• Tertiary Qualifications in Information Security or a related field
• 7+ years of experience in Information Security, with 2+ years in a lead or manager role handling a small team (1-3 subordinates) preferred
• Strong reporting and communication skills
• Ability to manage a team of security analysts

Responsibilities

• Align the organization's Information Security Policies, Procedures, Tools and Practices with its risk tolerances and ensure compliance with legislation and regulatory requirements
• Oversee an on-going change agenda building on the already established security posture that adapts to emerging threats
• Manage the Business-as-Usual monitoring and response capabilities that protect the organization from Information Security threats
• Develop, operate and monitor the security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization
• Propose and support the definition of security risk mitigation measures (technical, procedural or organizational controls) according to the desired information security level
• Lead the incident response team (internal team & MSSP) in case of security event through the phases of triage, analysis, reaction, restore and post-mortem analysis
• Design security solutions and controls taking different stakeholders and requirements into account
• Ensure information security is addressed within projects (customer-facing/internal projects) by coordinating the implementation of appropriate (technical and/or organizational) security controls during project delivery
• Be an advocate for security, and uplift the overall security awareness across the organization by running training sessions, security simulations & assessments, tabletop exercises etc

Preferred Qualifications

• Prior experience building/scaling a security team is desirable
• Experience managing security in AWS, Azure, or Google Cloud
• Some experience with security and risk-based standards such as ISO2700X, ISO31000, NIST800, and PCI-DSS is desirable
• Familiarity and understanding of business and technical cybersecurity and risk management concepts and methods

Benefits

• Home-based (Must be open to reporting onsite, preferably once every quarter or as needed for townhall meetings and company activities if needed)
• Medical, Dental Coverage and Life insurance
• Paid Vacation and Sick Leave (with Quarterly Sick Leave Conversion)
• Competitive salary package and annual appraisal
• Financial Assistance Program
• Mandatory Government Benefits and 13th Month Pay
• Complimentary Sleeping Quarters, Coffee at no cost
• Complimentary Office Fitness and Wellness Facilities at no cost
• Regular Company Events, Work Life Balance, and Career growth opportunities
• Accessible location at the heart of Metro Manila --- the Mega Tower, EDSA