Information Security Manager

About us:

Forter provides a new generation approach to meeting the challenges faced by modern enterprise e-commerce. From attracting and retaining the right shoppers by reducing friction and boosting consumer confidence across the entire purchase journey, to fighting sophisticated fraudsters and reducing chargeback losses, only Forter provides a fully automated, real-time Decision as a Service™ platform. Behind the scenes, Forter’s machine learning technology combines advanced cyber intelligence with behavioral and identity analysis to create a multi-layered detection and decisioning mechanism. Across all our client's sites, we have created a network of over 800 million buyer identities globally. Our success so far in the marketplace has allowed us to achieve a total series F valuation of over $3 Billion. Our investors include: Tiger Global, Bessemer, Sequoia Capital, March Capital, Salesforce Ventures.

Reliability, latency, and security, along with being present where our customers need us, are critical to our success. Every request we process is important to everyone involved. We can’t go down because our customers’ businesses depend on us: we processed eCommerce transactions worth over $200B in 2020, and decided on billions of critical decisions. 

We utilize highly sensitive information our customers trust us with, to catch fraudsters and abusers and let consumers operate without any friction. 

Our systems run on 1000s of machines, on multiple regions (and Clouds), at a massive scale to provide the best service to the Enterprise customers we serve. 

About the role:

• The Information Security Manager position requires a working knowledge of information security technologies. The ISM will proactively work with various teams and departments to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of security-related risk management activities. 
• The Information Security Manager will serve as the process owner of security and compliance activities related to the availability, integrity and confidentiality of customers, business partners / vendors, employees and business information in compliance with the organization's information security policies. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode. 
• The Information Security Manager role will be part of the GRC & InfoSec department. The ISM must be able to translate the IT-risk requirements and business constraints into technical controls and specifications.

What you’ll be doing:

• Continuously enhance the security standard of Forter solutions by  developing /  implementing open-source / third-party tools to assist in detection, prevention and analysis of security threats, manage internal and external pen testing and test security products and evaluating them
• Monitor networks and systems and the external threat environment for security risks and emerging threats, and advise relevant stakeholders on the appropriate courses of action.
• Ensure that security programs comply with audit requirements, relevant laws, regulations and security & privacy policies to minimize or eliminate risk and audit findings.
• Assessing the risks of Forter environments and planning to minimize possible threats and provide regular reporting on the current status of the information security program to the relevant stakeholders as part of the risk management program.  
• Interact with various teams and stakeholders to guide on authentication, authorization and encryption solutions.
• Provide technical answers and assist sales teams with RFPs / RFIs / RFQs and sales efforts

What you'll need:

• 5+ years working in a relevant security role 
• Knowledge of risk assessment industry best practice frameworks and methods
• Ability to communicate network security issues to peers and management
• Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
• Knowledge of and experience in developing and maintaining policies, procedures, standards and guidelines., documenting security architecture and plans (including project plans).
• Extensive knowledge of various threats and vulnerabilities (DDOS, Social engineering hacking forms, etc.)
• Knowledge of AWS and Azure security tools 
• Highly-analytical with strong attention to detail and good troubleshooting grasp
• Great verbal and written communication skills, Hebrew and English

It’d be really cool if you're also:

• CISSP or CISM certified
• Experienced with common information security management frameworks, such as ISO27001 / SOC2 / PCI-DSS or similar
• Familiar with the principles of cryptography and cryptanalysis.

Why Forter:

• Competitive salary
• Commission 
• Pension 
• Comprehensive and generous health insurance, including vision and dental coverage
• Stock options
• Generous PTO policy

At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company.

Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law.