Job description
Job Purpose
Lead and manage information security across the organization, ensuring compliance with policies, maintaining ISO 27001 certification, and protecting business systems and data.
Core Responsibilities
Information Security Governance & Compliance:
– Maintain the Information Security Management System (ISMS) and ensure ISO 27001 certification
– Ensure compliance with policies, standards, and procedures
– Manage risk register and track mitigation actions
– Lead ISO audits and resolve observations and non-conformances
Risk & Incident Management:
– Establish and manage information security incident response processes
– Conduct root cause analysis and implement corrective actions
– Identify vulnerabilities and coordinate mitigation activities
Business Continuity & Disaster Recovery:
– Develop and test Disaster Recovery Plans (DRP)
– Lead Business Continuity Planning (BCP) processes
Security Operations & Controls:
– Ensure effective security controls across IT infrastructure
– Manage credential and access control processes
– Work with IT and vendors to identify and mitigate risks
Awareness & Training:
– Develop and deliver security awareness training programs
– Ensure staff understanding of Acceptable Use Policies (AUP)
Stakeholder Collaboration:
– Act as advisor to IT leadership
– Collaborate with internal teams and external partners
– Communicate risks and security issues effectively
Skills & Experiences
8+ years of experience in information security
Strong knowledge of security threats (malware, phishing, ransomware, DDOS)
Experience with ISO 27001 and ISMS frameworks
Strong understanding of networking and infrastructure security
Experience with Windows, Linux, Mac OS, iOS, Android
Familiarity with Azure, AWS, SQL, Active Directory, VPNs
Strong communication and stakeholder management skills
High level of integrity and confidentiality
Core Competencies
Analytical thinking
Risk management
Attention to detail
Communication and influencing skills
Leadership and accountability
Problem-solving mindset