Information Security Architect / Expert

MINDPICKED is a new generation recruitment firm providing companies solutions in their search for talent, and talents opportunities who wants to reach their potential.

We specialize in middle and senior management recruitment in various sectors and countless job functions.

We are looking for an "Information Security Architect / Expert" for our Holding Group client.

Qualifications

• Ability to set technical direction and successfully implement that direction
• At least 5 - 8 years of experience in Information Security
• Team management experience
• Strong business and technology vision
• Proven ability to lead, manage, and motivate cross-functional, interdisciplinary teams
• Excellent skills to schedule activities and coordinate resource
• Ability to coordinate multiple projects with competing priorities
• Ability to communicate IT security concepts to technical and nontechnical audiences

Job Description

• Deep understanding of the information security discipline, processes, and best practices
• Ability to guide others in all information security domains
• Develop, implement and monitor the organization's information security strategy by considering the confidentiality, integrity and accessibility of group companies information to protect against intentional or accidental threats that may come from inside or outside the organization and to ensure that this information is used safely in business processes in an efficient, accurate and fast manner, and in line with access authorities
• Create and assure Group information security policies and procedures taking into account information security requirements, company needs and legal regulations
• Take approval of Group Information Security committee and executive IT management for security policies and procedures, review them in yearly periods, update if necessary and communicate them with group companies
• Plan the establishment and execution of the information security IT infrastructure, specify the security technologies and products required
• Establish and maintain the roadmap for IT Security and SOC services
• Create the security test plans, audit and measurement mechanisms for Group Information Security policies
• Conduct the establishment, management and continual improvement of the Information Security Management System (ISMS) within the scope of the ISO 27001 international standard, and advise group companies when necessary
• Conduct compliance studies to national/international laws and compliance standards for information security, organize compliance audits
• Regularly conduct security screening and vulnerability analysis tests every year with an independent outsource company
• Create and update "Enterprise Information Security Portal" infrastructure where all employees can access relevant security policies, procedures, security news and announcements, and communicate portal access information to group companies
• Audit the operations to ensure IT infrastructure security management operations run according to information security policies and procedures
• Following professional certifications; - CISSP (Certified Information Systems Security Professional) - CISM (Certified Information Security Manager) - ISO/IEC 27001 Lead Auditor - CEH (Certified Ethical Hacker) - ECSA (Certified Security Analyst)