Manager, Information Security Management

ROLE DESCRIPTION:

We are looking for a Manager, Information Security Management to join the ISM team in our Bucharest location!

In this role, you will contribute to the development and continuous improvement of thr SES information security management and policy framework, and manage information sercurity projects following the SES information security roadmap. In addition, you will manage information security risks as well as design and implement information security concepts to safeguard SES's assets. You will also provide information and cyber security related support in projects across the organization.

All applicants must be native to a NATO country (EU nationality is a plus), and willing to undergo a secret clearance process.

You will be responsible for (this is not an exhaustive list):

• Coordinate the development and continuous improvement of the SES information security management system in accordance with industry standards and best practices


• Identify, assess and manage information security risks


• Manage compliance to the information security policy framework


• Liaise with relevant stakeholders across the organisation to develop and promote information security policies, standards, processes and procedures 


• Support the definition and implementation of SES’s information security strategy and framework
  
  
  
  • by assessing information security risks and
  
  
  • specifying and implementing information security controls to mitigate key risks.
  
  
  
  


• Manage assigned information security projects and budgets as laid down in SES’s information security strategy and deliver them within time, cost and scope.


• Design, implement and document information security concepts and information security controls, including coordination of various business stakeholders and engineering groups.


• Perform information security audits and vulnerability assessments and support the management of vulnerabilities


• Support the detection and analysis of information security incidents and manage adequate responses to information security incidents


• Support the development and maintenance of SES’s information security awareness program and delivery of awareness sessions


• Provide clear, concise, timely and constructive recommendations regarding information security in all areas related to information systems, networks and applications


• Travel as required

YOUR PROFILE

1. Must have 

• Degree in Computer Science, and minimum of 9 years' of industry related experience


• All applicants must be native to a NATO country (EU nationality is a plus), and willing to undergo a secret clearance process.


• Strong knowledge of Information Security Standards and good practices, including ISO 27000 series, NIST SP-800 series (e.g., NIST800-53), etc.


• Strong hands-on knowledge of and experience with implementing and maintaining Information Security Management Systems in accordance with ISO 27001 and best practices


• Hands-on knowledge of and experience with securing cloud environments


• Knowledge of the following topics:
  
  
  
  • Information Security Risk Management frameworks and methodologies
  
  
  • Network security, system security, application security and security design
  
  
  • Cyber security threats, vulnerabilities, security technologies and controls
  
  
  • Data Protection and Data Privacy
  
  
  • Vulnerability, compliance and patch management for complex networks, systems and applications
  
  
  
  

2.    Nice to Have

• Relevant certifications (e.g., ISO 27001 Lead Implementer, ISO 27005 Certified Risk Manager, CISM, CISA, CISSP) and knowledge of the satellite industry are a plus


• Consulting experience is considered an advantage

WHAT'S IN IT FOR YOU

• Flexible working policy


• Bonus plans


• Comprehensive and competitive benefits plan


• A range of wellness activities and employee assistance programs 

.