Information Security Lead

What is the role?

We are seeking a talented and experienced Information Security Manager to join our team. The Information Security Manager will be responsible for overseeing and managing both cloud and product security initiatives. The ideal candidate will have a strong background in cloud security, product security, risk assessment, and vulnerability management, with a passion for driving security initiatives and collaborating with cross-functional teams.

Key Responsibilities

  • Develop and implement comprehensive security strategies, policies, standards, and procedures for both cloud infrastructure and product security.
  • Oversee the implementation and maintenance of security controls to protect cloud environments, including SaaS, PaaS, and IaaS platforms.
  • Collaborate with cloud architects and engineering teams to ensure the security of cloud-based systems and services.
  • Conduct security assessments and audits of cloud environments to identify and mitigate security risks and vulnerabilities.
  • Manage security incidents and coordinate response activities to minimize impact and ensure timely resolution.
  • Develop and deliver security awareness training programs for employees to promote a culture of security.
  • Work closely with product development teams to integrate security best practices into the product lifecycle, including threat modelling, secure coding guidelines, and security testing.
  • Lead the product security incident response process, including triage, investigation, and resolution of security incidents and vulnerabilities.
  • Provide guidance and support to cross-functional teams on security-related matters, including security requirements, controls, and compliance.
  • Stay abreast of emerging threats, security technologies, and regulatory requirements, and provide recommendations for enhancing the security posture of our products, systems, and cloud infrastructure.

Preferred Qualifications, Skills & Experience

Basic Qualification:

  • Bachelor’s or Master’s degree in Computer Science, Computer Engineering, or a related field.
  • 8 to 14 years of experience in application security, including 3+ years in a supervisory role.
  • Strong understanding of cloud security principles, best practices, and technologies.
  • Experience with cloud security platforms and tools, such as AWS, Azure, or GCP.
  • Experience in securing SaaS, PaaS, and IaaS environments.
  • Experience with security assessments, risk management, and vulnerability management processes.
  • Strong programming/scripting skills in languages such as Java, Ruby, and Python.
  • Ability to automate security testing processes and enhance productivity in security assessments.
  • Comprehensive understanding of web frameworks and architecture.
  • Effective communication skills to convey security vulnerabilities to diverse audiences, including development and management teams.

Advanced Qualification:

  • Published CVEs, research papers, or articles about the security of the application layer and related protocols.
  • Experience in integrating and automating security in DevOps through implementing/building orchestration tools.
  • Good security development experience in any programming language.