Information Security managerBarefoot Ventures Asia, Inc.

Job Description
Job Description
This is a once-in-a-lifetime career opportunity for someone who is yearning to join a flourishing fintech company, a management team that is driven, ambitious, and fun-loving.
Company Profile:
Our client is a US-headquartered renowned fintech company at the forefront of the market. The company specializes in delivering secure and seamless digital execution, clearing, and storage solutions for a wide range of investable assets on a global scale.
They are currently seeking a solutions-oriented and self-motivated Information Security Manager who possesses expertise in security management and lead a small team.
Overall purpose and responsibilities of the role:
You will be responsible for the day-to-day operations of the Cyber Operations programs (SOC, Cyber Threat Intelligence, Vulnerability Management, Cyber Incident Response, Penetration Testing, Email Security, and Insider threat) program. You will be accountable in planning, design, and the support of the Security Engineering and Security Operations and Compliance functions and all its components. This role is also expected to be able to troubleshoot complex problems with little oversight, take ownership and work independently as needed to resolve issues.
Skills& Qualifications:
Experience in an Information Security or Information Technology leading Information Security teams
Expertise in working with colleagues throughout the firm and in leading collaborative teams to achieve common goals
Knowledge of major cloud service providers (e.g., AWS, Azure, GCP) and associated technologies
Expertise in security measures such as network access controls, network segmentation, firewalls, and intrusion detection and prevention systems (IDS/IPS)
Experience and familiarization with a variety of information, application, and network security monitoring tools (SIEM, EDR/XDR, IDS/IPS, firewall, WAF, SAST, DAST, IAST, among others)
Understanding of vulnerability management (VM) and application security (AppSec) management
Ability to demonstrate analytical expertise, close attention to detail, critical thinking, logic, and solution orientation and to learn and adapt quickly
Proven success in developing, implementing, sustaining, and enhancing enterprise information security and risk management programs.
Decision-making capabilities, with an ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
Accountable for the successful completion of multiple, individual projects simultaneously.
Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
Manage change and demonstrate adaptability by adjusting priorities or processes and approaching as needs dictate.
Work independently as a team representative of InfoSec as well as showing excellent teamwork skills.
Good understanding of system and network hardening practices.
Advantageous skills or nice-to-haves:
Bachelor's Degree or equivalent experience
CISSP, CISA, CISM, CRISC, CIPP or similar security or data privacy certification
Duties & Responsibilities:
Lead a team of Information Security analysts and engineers to promote information security services, while maintaining stability and governance, and putting team to success.
Help develop the Information Security strategy to identify gaps in security posture and drive the implementation of risk remediation programs and continuous improvements.
Serve as the primary Information Security threat expert keeping apprised of emerging and ongoing industry trends as well as the most likely strategies needed to mitigate the threats.
Participate in the software design life cycle, total cost of ownership of security appliances, application security, and infrastructure services.
Develop and enhance real-time monitoring of security threats, detection, and proactive response of security incidents and intrusion - enterprise wide
Develop key input into the development of cyber security strategies, employing existing and new resources required to mitigate the ever-changing threat landscape.
Perform comprehensive risk analysis of new and existing business initiatives and processes.
Manage the development and delivery of Information Security standards, best practices, architecture, and systems to ensure information system security across the enterprise.
Establish process to Identify and monitor all applications, systems, and assets on the network
Implement KPI/KRI metrics for continuous improvement as well as information regarding the overall security hygiene of the environment
Manage the event monitoring and triaging processes to detect and respond to events quickly and efficiently.
Perform correlations to improve event tracking and incident detection processes Managing project planning, engagement administration, budget management, and successful completion of engagements
Serve as organizational point person for business-critical incidents
Manage recruitment, training, and development for security staff . Foster an innovative and inclusive team- oriented work environment and play an active role in counseling and mentoring team members
Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes.
Job Type:Permanent
Emp Type:Full-time
Location: Work From Home
Industry: Financial Services
Expertise: IT-Manager