IT Security Manager EMEA
Antal International s.r.o. (CZECH)
Praha, Česká republika
před 5 dny

IT Security Manager - EMEA

JOB PURPOSE : The Information Security & Compliance Manager (ISCM) role is a critical role within Group IT. The role holder will work to deliver the objectives within Group IT Information Security strategy and further enhance a security program that identifies and addresses security and privacy risks and security requirements.

The ISCM will be responsible for managing the process of gathering, analyzing & assessing the current & future information security and privacy threats to the company as well as maintain & monitor the information security best practices as they develop.

The role holder will work with senior managers across the company to drive the information security agenda and ensure that it meets complex compliance requirements.

They will act as an empowered representative of Group IT planning initiatives to ensure that security controls are incorporated into IT projects at the design stage and expectations are clearly defined.

The role holder will also play a leading role in the evaluation of current Information Security breach management processes and ensure that the company can meet its mandatory data breach notification obligations should the need arise.

MAIN DUTIES AND RESPONSIBILITIES :

  • Ensuring the security and sustainability of information and communication systems by preventing, defining and applying standards, as well as controlling vulnerabilities and managing incidents.
  • Work with the Group IT Leadership Team to build on an existing information security program and ongoing security projects that address information security risks and compliance requirements.
  • Consult with Group IT Project Teams to ensure that security is factored into the evaluation, selection, installation and configuration of hardware, applications and software as part of Privacy by Design and Default.
  • Research, evaluate, design, test, recommend or plan the implementation of new or updated information security hardware or software, and analyze its impact on the existing environment;
  • provide technical and managerial expertise for the administration of security tools.

  • Manage and coordinate operational components of security incident management, including detection response and reporting.
  • Investigate ,manage and document security breaches and other cyber security incidents
  • Manage the day-to-day activities of threat and vulnerability management, identify risk tolerances, recommend treatment plans and communicate information about residual risk.
  • Manage security projects and provide expert guidance on security matters for other IT projects.
  • Evaluate requests for exceptions to policies, ensuring sufficient mitigating controls are in place.
  • Provide Information security communication, awareness and training to the company
  • Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
  • Report and mitigate security vulnerabilities and vulnerability management system
  • Participate in develop of best practices for IT security
  • Conducting Information security auditing
  • Participate in risk management process
  • KNOWLEDGE AND EXPERIENCE :

  • Proven experience in an information security role including experience of developing Information Security policies and plans
  • Working knowledge of the European General Data Protection Regulations (GDPR) Excellent understanding of information security concepts, protocols, industry best practices and strategies.
  • Good understanding of system technology security testing (vulnerability scanning and penetration testing.
  • SPECIFIC SKILLS :

  • Advanced Public Key Infrastructure, Office 365 Security, Network Security, Virtualization, Backup and Disaster Recovery, Enterprise Mobility Management Strategies, Enterprise Patch Management
  • Familiarity with penetration testing techniques
  • Understanding of firewall implementation and best practices
  • Understanding of proxy services and web filtering techniques and best practice
  • Understanding of Security Incident and Event Management systems and their management
  • Experience with antivirus and end-point protection systems
  • Understanding of network defense strategies and techniques.
  • Knowledge of and ability to create, implement, evaluate and enhance processes in internal controls
  • Knowledge of organization's internal audit and QMS processes, practices and methods
  • ABILITIES :

  • Excellent communicator able to reduce complex ideas to simple terms and express these both to non-technical and highly technical audiences
  • Strong analytical, synthetical, critical thinking, and organizational skills
  • Integrity, autonomy, rigor, sense of organization
  • Experience of planning, prioritizing and organizing the work of yourself and others, delivering to tight deadlines whilst ensuring the effective use of resources
  • Demonstrable ability to work in a pressurized environment with conflicting priorities, ensuring that deadlines are met ensure high quality service
  • Availability to travel as needed to attend internal / external audit meetings and perform IT Security audits to ensure compliance with the Company's standard (around 30% post-covid)
  • If our offer sounds interesting and you match the profile, please apply now!

    katerina.janicatova antal.cz

    To learn more about Antal, please visit www.antal.cz

    120 00 Praha 2

    Nahlásit tuto nabídku
    checkmark

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Požádat
    Můj e-mail
    Kliknutím na "Pokračovat", souhlasíte s tím, že neuvoo sbírá a zpracovává vaše osobní údaje, které jste poskytli v tomto formuláři, aby vytvořili neuvoo účet a přihlásili vás k odběru emailových upozornění v souladu s naší Ochranou Osobních Údajů . Váš souhlas můžete vzít kdekoliv zpět, následováním těchto kroků .
    Pokračovat
    Žádost