What are the responsibilities and job description for the Information Security Lead position at AgreeYa Solutions?
The Information Security Lead develops, maintains, and publishes required information security standards, procedures and guidelines per domain of responsibility. The role is responsible for conceiving and executing forward-looking security systems or processes design, and for implementing programs for user awareness, compliance monitoring, and security controls design and implementation.
Key responsibilities
1. Maintain the organization's information security effectiveness and efficiency by defining and leading the implementation of security approaches, standards and procedures supporting strategic plans and directions
2. Lead teams to resolve Information Security challenges. Provide the information security requirements for cross-organization projects and accompany the implementation of the requirements. Utilize deep information security understanding to support internal and external business-related activities, formulate IS solutions based on technical and business requirements. Maintain a detailed knowledge of IS solutions and present them to our customers.
3. Lead unit level initiatives and ensure competency to meet the needs of the team / customers.
4. Design solutions and formulate response to RFx, create POC / demos, and present IS solutions to customers / corporate stakeholders. Utilize deep technical knowledge of IS products and services to align appropriate solutions based on client need.
5. Lead and manage Information Security Projects, including (as required) budget and resources, customer relationships, timelines, deliverables, quality and overall management.
6. Recommend information technology strategies, policies, and procedures by evaluating the organization's outcomes, identifying problems, evaluating trends, and anticipating requirements.
7. Keep updated with emerging security threats and alerts; conduct research on emerging products, services, protocols and standards in support of security enhancement and development efforts; collaborate with other cyber threat researchers.
8. Accountable for meeting quality objectives, adherence to best practices, quality processes, and methodologies; lead continuous improvement via Root Cause Analysis, Lessons Learned, and Prevention processes; track quality KPIs and continuously improve quality and measurements.
9. Promote clarity and alignment with ongoing, effective communication to the project team regarding the unit's goals and status, project matters, companywide changes, special initiative status, etc. Strive for strong and healthy working relationships within the team.
10. Provide technical guidance and training to information "owners," other security managers, and IT associates.
11. Information Security Manager functions include:
12. Information Security Expert functions include:
Domain Expertise - be the technical expert and leader of certain domains such as IT, Application and GRC.
1. Comprehensive experience in information security / information security management
2. In-depth knowledge of security architectural considerations from an End-To-End security perspective
3. In-depth knowledge of information security concepts and methodologies
4. In-depth knowledge of compliance requirements (PCI DSS, SOX, DPA, and so on) and IS standards (ISO 27001, BS25999, ISO 20000, OWASP, etc.)
5. In-depth knowledge of risk management methodologies and approach
6. Knowledge of Secure SDLC methodology
7. For management position - proven management experience
Credentials
Bachelor's degree in engineering or equivalent
CISA / CISM preferable
CISSP / CEH preferable
ISO27001 certified