Information Security Manager
Amman, Amman Governorate, Jordan
Applications have closed
ProgressSoft
ProgressSoft is a real-time payment and financial solutions provider serving banks, central banks, and payment service providers since 1989.We are looking to hire an experienced Information Security Manager who will be responsible for developing security standards, enhancing security processes, and collaborating with the GRC department for automation and continuous monitoring of security measures. As well as the security manager will manage security risk assessments, document, and report control failures, guide remediation activities, and lead the security team.
Responsibilities:
- Implement security controls, risk assessment framework, and program that align with regulatory requirements, ensuring documented and sustainable compliance that aligns and advances ProgressSoft objectives.
- Evaluate risks and develop security standards, procedures, and controls to manage risks.
- Improve ProgressSoft’s security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
- Collaborate with the GRC department to implement processes, and improve automate, and continuously monitor information security controls, exceptions, risks, and testing.
- Develop reporting metrics, dashboards, and evidence artifacts.
- Update security controls and provide support to all stakeholders on security controls covering internal assessments, regulations, and protecting Personally Identifying Information (PII) data.
- Perform and investigate internal and external information security risk and exceptions assessments.
- Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks.
- Document and report control failures and gaps to stakeholders.
- Provide remediation guidance and prepare management reports to track remediation activities.
- Manage, train, guide, and lead the security team.
- Maintain best practices and technological advancements and act as the leader and owner of security assessments and compliance.
- Identify threats and risk exposures.
- Assess and manage security risks.
- Monitor the implementation of corresponding mitigating controls.
Requirements:
- 8+ years of experience in cyber security, and information security.
- Extensive experience in information security and/or IT risk management focusing on security.
- Solid understanding of security protocols, cryptography, authentication, and authorization.
- Understanding of ISO 27001 and PCI DSS standards preferred.
- Experience with risk management principles and associated methodologies.
- Ideally will have OSCP, CISSP, CISA, CISM, or similar qualifications.
- Proven ability to make sound pragmatic decisions and judgements under tight timelines.
- Strong interpersonal and influencing skills with the ability to influence and collaboratively drive change internally and externally.
- Excellent level of communication skills.
- Excellent command of the English language.
- Penetration testing experience is preferred, but not required.
- Experience in the Financial sector (Banking) preferred.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Banking CISA CISM CISSP Compliance Cryptography ISO 27001 Monitoring OSCP PCI DSS Pentesting Risk assessment Risk management Security assessment Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open Forensics-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs