Information Security Lead

Company Description

About Wrist 

Wrist is the world’s leading ship and offshore supplier of marine provisions and stores with a market share of approximately 12%.

With the launch of the digital marketplace, Source2Sea, Wrist is leading the digital transformation of the marine supply industry. All year round, we offer 24/7 global online sourcing and logistics, providing data transparency, automation, and convenience to our customers.

We continuously work on reducing our climate impact while at the same time proactively addressing our customers’ growing demand and need for responsible solutions and services.

From more than 30 locations worldwide, in all major shipping locations, 1,800 Wrist employees take pride in making it easy for our customers to order and receive marine supplies and services.

• Wrist LinkedIn Page: https://www.linkedin.com/company/wrist-ship-supply/
• Wrist Facebook Page: https://www.facebook.com/wristshipsupply/

Job Description

Wrist Service Center is looking for an Information Security Lead. The perfect candidate holds a profound understanding of both GRC and operational aspects of Information Security and is preferably an Information Security Architect. This position will be reporting to the CISO and acting as a team lead for currently 4 local information security Specialists at the Manilla office, while also conducting tasks related to the field. The position will be closely working with HQ Security in Denmark. The entire Manilla team is considered part of the Information Security department, led by the CISO.  

As this security team in Manilla is only just being established, the entire team will take part in defining the capabilities of the team – naturally in collaboration with the HQ Security team and the CISO himself. 

Note that we are also looking for Information Security Specialists with a focus on Governance, Risk, and Compliance, as well as a Team Lead for the Information Security personnel at Manila. You can find those job postings here: https://bit.ly/SR_WSCCareers

What you'll be doing:

Lead the Information Security Team at the Manila office

• Define and align initiatives and tasks with the CISO
• Assist the CISO in 
  • Ensuring high work satisfaction among the Manilla Team
  • Ensuring the Manilla team is trained.
  • Managing our backlog and sprints.
• Define the capabilities of the information security department.  

Risk Management 

• Assist in ensuring quality and necessary pace in assessments. 
• Conduct and review Risk Assessments. 
• Monitor/Audit risks and controls 
• Take the top lead on Third-Party Risk management

Operational Security

• Take part in managing our incidence response capability (Roles, training, playbooks)
• Take part in managing our Vulnerability Management. 
• Assess Security Architecture 

What we're looking for:

• Bachelor’s degree in any course. Graduates in Information Security, Computer Science, Software Engineering, or similar is preferred but not required
• Not required, but holding certifications like Azure Architect, Azure Security, OSCP, OSEP, CISSP, Security+, ISO27001, CISM, CRISC is a plus
• Great English communication skills
• Proven leadership experience
• Knowledge in:
  • Risks management
  • Third-Party Risk Management
  • Control Management
  • Frameworks like ISO 27001/27002/27005, NIST 800-53, NIST CSF, etc. 
  • Defining policies and procedures
  • Network Security
  • Cloud Security (Azure) 
  • MDR/SIEM/Log Analytics 
  • Incident Response
  • Vulnerability and Penetration Testing
  • Identity and Access management (IAM)
  • Technical Security and Risk assessments
  • Disaster Recovery Planning
• Not afraid to challenge the CISO on professional aspects

Location: Times Plaza Building, U.N. Avenue corner Taft Avenue, Manila City

Work setup: On-site