Information Security Manager
Reliability, latency, and security, along with being present where our customers need us, are critical to our success. Every request we process is important to everyone involved. We can’t go down because our customers’ businesses depend on us: we processed eCommerce transactions worth over $200B in 2020, and decided on billions of critical decisions.
We utilize highly sensitive information our customers trust us with, to catch fraudsters and abusers and let consumers operate without any friction.
Our systems run on 1000s of machines, on multiple regions (and Clouds), at a massive scale to provide the best service to the Enterprise customers we serve.
If this kind of working environment sounds exciting to you, if you understand that Engineering is about building the most effective and elegant solution within a given set of constraints - consider applying for this position. But hold on, you best check the position requirements first :)
- The ISM position requires a working knowledge of information security technologies. The ISM will proactively work with various teams and departments to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of security-related risk management activities.
- The ISM will serve as the process owner of security and compliance activities related to the availability, integrity and confidentiality of customers, business partners / vendors, employees and business information in compliance with the organization's information security policies. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
- The ISM's role will be part of the GRC & InfoSec department. The ISM must be able to translate the IT-risk requirements and business constraints into technical controls and specifications.
Stuff you’ll be doing:
- Continuously enhance the security standard of Forter solutions by developing / implementing open-source / third-party tools to assist in detection, prevention and analysis of security threats, manage internal and external pen testing and test security products and evaluating them
- Monitor networks and systems and the external threat environment for security risks and emerging threats, and advise relevant stakeholders on the appropriate courses of action.
- Ensure that security programs comply with audit requirements, relevant laws, regulations and security & privacy policies to minimize or eliminate risk and audit findings.
- Assessing the risks of Forter environments and planning to minimise possible threats and provide regular reporting on the current status of the information security program to the relevant stakeholders as part of the risk management program.
- Interact with various teams and stakeholders to guide on authentication, authorization and encryption solutions.
- Provide technical answers and assist sales teams with RFPs / RFIs / RFQs and sales efforts
Stuff we need you to have:
- 5+ years working in a relevant security role
- Knowledge of risk assessment industry best practice frameworks and methods
- Ability to communicate network security issues to peers and management
- Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
- Knowledge of and experience in developing and maintaining policies, procedures, standards and guidelines., documenting security architecture and plans (including project plans).
- Extensive knowledge of various threats and vulnerabilities (DDOS, Social engineering hacking forms, etc.)
- Knowledge of AWS and Azure security tools
- Highly-analytical with strong attention to detail and good troubleshooting grasp
- Great verbal and written communication skills, Hebrow and English
It’d be really cool if you also:
- CISSP or CISM certified
- Have experience with common information security management frameworks, such as ISO27001 / SOC2 / PCI-DSS or similar
- Familiar with the principles of cryptography and cryptanalysis.
What it’s like to work at Forter:
We believe that head-count is a vanity metric (i.e. more doesn’t necessarily mean better), and that people matter! This is why we prefer smaller teams of talented and cohesive teams over “just give us some more working hands”.
We believe that the metric we should optimize for is increasing the IQ and EQ of our team over time, by building an organization that will draw such people to us. We care immensely about how the team works together, and we’re not shy from hard conversations. When you try to make an impact, friction (of opinions, or business constraints) is something you need to deal with.
We don’t have QA, we don’t have Architects (“CTO team”), we don’t have a NOC or SOC team. We look at our team as part of the system that we build, so we optimize the process and tools to fit our team. Most of our team has a generalist-mindset, but our system is vast and we have people developing expertise in areas they are passionate about.
We are big believers in having Skin in the game as a way of setting the alignment of incentives to build things right, and picking boring technology as we respect the complexity of our system and business.
You should join to help us build a better version of Forter, rather than a smaller version of a large company.
If you’re up for the challenge, please submit your CV.
More Information Security position highlights
- Explore open SOC Analyst Jobs
- Explore open Senior SOC Analyst Jobs
- Explore open Threat Intelligence Response Analyst Jobs
- Explore open Senior Penetration Tester Jobs
- Explore open Staff Security Engineer Jobs
- Explore open Information Security Officer Jobs
- Explore open Vulnerability Analyst Jobs
- Explore open Threat Intelligence Analyst Jobs
- Explore open Software Security Engineer Jobs
- Explore open Infrastructure Security Engineer Jobs
- Explore open Senior Information Security Engineer Jobs
- Explore open Chief Information Security Officer Jobs
- Explore open Cybersecurity Analyst Jobs
- Explore open IAM Engineer Jobs
- Explore open Sr. Software Engineer - Detection Engineering Jobs
- Explore open Computer Network Defense & Incident Response Analyst - Mid to Senior Level Jobs
- Explore open DevOps Security Engineer Jobs
- Explore open Computer Forensic Software Engineer Jobs
- Explore open Personnel Security Officer Jobs
- Explore open Senior Information Security Analyst Jobs
- Explore open Engineering Manager - Information Security, Bangalore Jobs
- Explore open Cybersecurity Engineer Jobs
- Explore open Staff Engineer, Cloud Security Jobs
- Explore open Cyber Threat Analyst Jobs
- Explore open Privacy Manager Jobs
- Explore open Clearance-related jobs
- Explore open Open Source-related jobs
- Explore open CEH-related jobs
- Explore open Forensics-related jobs
- Explore open PCI-related jobs
- Explore open IDS-related jobs
- Explore open Risk management-related jobs
- Explore open Audits-related jobs
- Explore open NIST-related jobs
- Explore open Ruby-related jobs
- Explore open Splunk-related jobs
- Explore open OSCP-related jobs
- Explore open Machine Learning-related jobs
- Explore open Google-related jobs
- Explore open IPS-related jobs
- Explore open AI-related jobs
- Explore open Encryption-related jobs
- Explore open Security assessments-related jobs
- Explore open Docker-related jobs
- Explore open PowerShell-related jobs
- Explore open DNS-related jobs
- Explore open TCP/IP-related jobs
- Explore open Unix-related jobs
- Explore open Threat detection-related jobs