TheHiveCareersInformation Security & Technology Risk
Information Security & Technology Risk - thehivecareers.co | Career Page (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-WNGRBS6'); .primary-color { color: #1976d2; } .bg-primary-color { background-color: #1976d2; } .btn-info, .btn-info:hover { background-color: #1976d2; } .btn-apply, .btn-apply:hover { background-color: #1976d2 !important; border-color: #1976d2 !important; } .search-form { width: fit-content; margin: 0px auto 20px; padding: 10px; width: 60%; } .select2-container { width: 100% !important; } .search-dropdown-options { position: absolute; margin: 5px -12px; width: calc(100% - 17px); border: 1px solid #cacaca; border-top: 0px; z-index: 1; background: #fff; max-height: 200px; overflow: auto; border-radius: 0px 0px 6px 6px; } .search-dropdown-options li { cursor: pointer; } .search-dropdown-options ul li:hover { background-color: #5897fb; color: white; } .search-dropdown-options label { width: calc(100% - 22px); font-size: 14px; } .search-dropdown-placeholder { font-size: 14px; margin: 3px; cursor: pointer; } .select2-container--default .select2-selection--single { height: 38px !important; } .select2-container--default .select2-selection--single { height: 38px !important; border: 1px solid #ced4da !important; } .select2-selection__arrow { height: 36px !important; } .select2-results__option { font-size: 14px; } .select2-selection__rendered { line-height: 38px !important; font-size: 14px; color: #969696; } .width-100 { width: 100%; } ::-webkit-input-placeholder { /* Chrome/Opera/Safari */ font-size: 14px; color: #969696; } ::-moz-placeholder { /* Firefox 19+ */ font-size: 14px; color: #969696; } :-ms-input-placeholder { /* IE 10+ */ font-size: 14px; color: #969696; } :-moz-placeholder { /* Firefox 18- */ font-size: 14px; color: #969696; } @media (max-width: 575px) { .search-form { width: 100%; } .display-4{ font-size: 2.5rem; } } .positions { font-size: 16px; color: #808080; } .serach_count { padding: 4px; } .empty-result { color: #808080; } .fa-chevron-right { padding: 0px 8px; }
Information Security & Technology Risk
Kingston, St. Andrew Parish, Jamaica
Apply for Position Or refer someone
Job Openings Information Security & Technology Risk
About the job Information Security & Technology Risk
Manager, Information Security and Technology Risk
Role Summary
Working collaboratively with the Information Security team and third-party service providers to contribute to the protection of the Bank's information assets. The incumbent will assist in identifying and analyzing security anomalies and applying mitigating actions as instructed by management. The Manager will lead the management of information security risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes. The incumbent will assist with the embedding of policies, standards and procedures related to the effective management of the Bank's security posture and will assist in the execution of security tests, risk assessments, exercises, simulations, initial investigation of security breaches, user training and other security activities as deemed necessary. The Manager will lead the team of information security professionals by working closely with server and network operations team to ensure stability of the Bank's information security posture and may also be required to liaise with internal and external auditors and assist in audit reviews throughout the year.
Key Accountabilities Governance and Risk Management:
Manage the completion of IT risk assessments, including information security assessments (ISAs), threat risk assessments (TRAs), vulnerability scans, penetration testing, etc., follows up on open issues, validates completion of agreed mitigating tasks and other related tasks. Review and validate identified vulnerabilities provided by the Analyst. Monitors overall compliance of information security policies and standards. Work with team in closing out raised incidents of non-compliance and / or relevant parties to ensure resolution and learning.
Incident and Problem Management:
Manages the collection and evaluation of information required to investigate and remediate, as necessary, alerts received from the onsite security tools and third party providers of information security services, e.g., IBM ISS. Immediately informs Director of all critical events identified. Compiles all required information for further investigation of identified incidents. Provides incident response support, including assisting manager with mitigating actions to contain activity. Secrets management, as directed by the manager: Reviews and approves requests for new / modified security profiles; reviews requests to ensure completeness and prepares draft profiles. Manages the maintenance of the security matrices; researching changes to users' authentication with the application owners and confirming the results of the security matrices tests. Reviews and approves processing requests for certificates, tokens and keys; reviews requests to ensure completeness and prepares responses with feedback to team.
General:
Manages data collected and collates data for the generation of key performance indicators and key risk indicators. Manages team testing of new computers, software, switch hardware and routers before implementation to ensure security posture is maintained. This includes running vulnerability scans and running configuration compliance (hardware / databases / operating systems, etc.), scans and escalating significant issues to be addressed to responsible managers. Reviews and actions security compliance alerts within service level agreement (SLA) to ensure that anomalies / vulnerabilities are escalated / mitigated. Other tasks that may be assigned by Directors. Application and Cloud Security To ensure application code implemented meets the established secure code standards and the cloud deployments are secured, thus mitigating the risk of unauthorised access to the bank and customers' data: Manages all application security testing, coordinates tests with third party providers, and ensures that results are logged within applicable systems. Undertakes cloud security tasks as assigned by the Director, coordinates tests with third party providers, and ensures that results are logged within applicable systems.
Apply for Position
Or refer someone
Share
- Line
- [ LinkedIn](https://www.linkedin.com/shareArticle?mini=true&url=https://www.careers-page.com/thehivecareers/job/QX87R3XY&title=Information Security & Technology Risk)
- X (Formerly Twitter)
- [ Email](https://www.careers-page.com/thehivecareersmailto://?&subject=Job: Information%20Security%20%26%20Technology%20Risk&body=Hi there,%0D%0A %0D%0A I would like to share with you this job:%0D%0A %0D%0A https://www.careers-page.com/thehivecareers/job/QX87R3XY%0D%0A %0D%0A Best regards%0D%0A)
{"@context": "http://schema.org", "@type": "JobPosting", "hiringOrganization": {"@type": "Organization", "name": "thehivecareers.co", "sameAs": "", "logo": "https://manatal-backend-public-assets.s3.amazonaws.com/media/career\_portal\_logo\_direct\_upload/a59e8d7a-ccf4-436f-82bc-bd6385608f87\_thehive%20logo.png"}, "title": "Information Security & Technology Risk", "datePosted": "2023-10-03T20:10:59.811012+00:00", "description": "
Manager, Information Security and Technology Risk
\n\nRole Summary
\nWorking collaboratively with the Information Security team and third-party service providers to contribute to the protection of the Bank's information assets. The incumbent will assist in identifying and analyzing security anomalies and applying mitigating actions as instructed by management. The Manager will lead the management of information security risks related to the use, processing, storage, and transmission of information and the systems and processes used for those purposes. The incumbent will assist with the embedding of policies, standards and procedures related to the effective management of the Bank's security posture and will assist in the execution of security tests, risk assessments, exercises, simulations, initial investigation of security breaches, user training and other security activities as deemed necessary. The Manager will lead the team of information security professionals by working closely with server and network operations team to ensure stability of the Bank's information security posture and may also be required to liaise with internal and external auditors and assist in audit reviews throughout the year.
\nKey Accountabilities Governance and Risk Management:
Manage the completion of IT risk assessments, including information security assessments (ISAs), threat risk assessments (TRAs), vulnerability scans, penetration testing, etc., follows up on open issues, validates completion of agreed mitigating tasks and other related tasks. Review and validate identified vulnerabilities provided by the Analyst. Monitors overall compliance of information security policies and standards. Work with team in closing out raised incidents of non-compliance and / or relevant parties to ensure resolution and learning.
\nIncident and Problem Management:
Manages the collection and evaluation of information required to investigate and remediate, as necessary, alerts received from the onsite security tools and third party providers of information security services, e.g., IBM ISS. Immediately informs Director of all critical events identified. Compiles all required information for further investigation of identified incidents. Provides incident response support, including assisting manager with mitigating actions to contain activity. Secrets management, as directed by the manager: Reviews and approves requests for new / modified security profiles; reviews requests to ensure completeness and prepares draft profiles. Manages the maintenance of the security matrices; researching changes to users' authentication with the application owners and confirming the results of the security matrices tests. Reviews and approves processing requests for certificates, tokens and keys; reviews requests to ensure completeness and prepares responses with feedback to team.
\nGeneral:
\nManages data collected and collates data for the generation of key performance indicators and key risk indicators. Manages team testing of new computers, software, switch hardware and routers before implementation to ensure security posture is maintained. This includes running vulnerability scans and running configuration compliance (hardware / databases / operating systems, etc.), scans and escalating significant issues to be addressed to responsible managers. Reviews and actions security compliance alerts within service level agreement (SLA) to ensure that anomalies / vulnerabilities are escalated / mitigated. Other tasks that may be assigned by Directors. Application and Cloud Security To ensure application code implemented meets the established secure code standards and the cloud deployments are secured, thus mitigating the risk of unauthorised access to the bank and customers' data: Manages all application security testing, coordinates tests with third party providers, and ensures that results are logged within applicable systems. Undertakes cloud security tasks as assigned by the Director, coordinates tests with third party providers, and ensures that results are logged within applicable systems.