Information Security Manager
Tel Aviv
Applications have closed
Reliability, latency, and security, along with being present where our customers need us, are critical to our success. Every request we process is important to everyone involved. We can’t go down because our customers’ businesses depend on us: we processed eCommerce transactions worth over $200B in 2020, and decided on billions of critical decisions.
We utilize highly sensitive information our customers trust us with, to catch fraudsters and abusers and let consumers operate without any friction.
Our systems run on 1000s of machines, on multiple regions (and Clouds), at a massive scale to provide the best service to the Enterprise customers we serve.
If this kind of working environment sounds exciting to you, if you understand that Engineering is about building the most effective and elegant solution within a given set of constraints - consider applying for this position. But hold on, you best check the position requirements first :)
- The ISM position requires a working knowledge of information security technologies. The ISM will proactively work with various teams and departments to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of security-related risk management activities.
- The ISM will serve as the process owner of security and compliance activities related to the availability, integrity and confidentiality of customers, business partners / vendors, employees and business information in compliance with the organization's information security policies. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
- The ISM's role will be part of the GRC & InfoSec department. The ISM must be able to translate the IT-risk requirements and business constraints into technical controls and specifications.
Stuff you’ll be doing:
- Continuously enhance the security standard of Forter solutions by developing / implementing open-source / third-party tools to assist in detection, prevention and analysis of security threats, manage internal and external pen testing and test security products and evaluating them
- Monitor networks and systems and the external threat environment for security risks and emerging threats, and advise relevant stakeholders on the appropriate courses of action.
- Ensure that security programs comply with audit requirements, relevant laws, regulations and security & privacy policies to minimize or eliminate risk and audit findings.
- Assessing the risks of Forter environments and planning to minimise possible threats and provide regular reporting on the current status of the information security program to the relevant stakeholders as part of the risk management program.
- Interact with various teams and stakeholders to guide on authentication, authorization and encryption solutions.
- Provide technical answers and assist sales teams with RFPs / RFIs / RFQs and sales efforts
Stuff we need you to have:
- 5+ years working in a relevant security role
- Knowledge of risk assessment industry best practice frameworks and methods
- Ability to communicate network security issues to peers and management
- Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
- Knowledge of and experience in developing and maintaining policies, procedures, standards and guidelines., documenting security architecture and plans (including project plans).
- Extensive knowledge of various threats and vulnerabilities (DDOS, Social engineering hacking forms, etc.)
- Knowledge of AWS and Azure security tools
- Highly-analytical with strong attention to detail and good troubleshooting grasp
- Great verbal and written communication skills, Hebrow and English
It’d be really cool if you also:
- CISSP or CISM certified
- Have experience with common information security management frameworks, such as ISO27001 / SOC2 / PCI-DSS or similar
- Familiar with the principles of cryptography and cryptanalysis.
What it’s like to work at Forter:
We believe that head-count is a vanity metric (i.e. more doesn’t necessarily mean better), and that people matter! This is why we prefer smaller teams of talented and cohesive teams over “just give us some more working hands”.
We believe that the metric we should optimize for is increasing the IQ and EQ of our team over time, by building an organization that will draw such people to us. We care immensely about how the team works together, and we’re not shy from hard conversations. When you try to make an impact, friction (of opinions, or business constraints) is something you need to deal with.
We don’t have QA, we don’t have Architects (“CTO team”), we don’t have a NOC or SOC team. We look at our team as part of the system that we build, so we optimize the process and tools to fit our team. Most of our team has a generalist-mindset, but our system is vast and we have people developing expertise in areas they are passionate about.
We are big believers in having Skin in the game as a way of setting the alignment of incentives to build things right, and picking boring technology as we respect the complexity of our system and business.
You should join to help us build a better version of Forter, rather than a smaller version of a large company.
If you’re up for the challenge, please submit your CV.
Tags: AWS Azure CISM CISSP Compliance Cryptography DDoS E-commerce Ecommerce Encryption ISO 27001 Network security Pentesting Privacy Risk assessment Risk management SOC 2 Vulnerabilities
Perks/benefits: Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs