Job Requirement:

We are seeking a highly skilled Information Security Manager to join our team. The ideal candidate will have a strong background in information security, privacy management, and compliance. They will be responsible for developing, implementing, and maintaining security and privacy policies, procedures, and protocols to safeguard our organization's information assets and ensure compliance with relevant regulations, including ISO 27001, NS2, and ROPA.

Key Responsibilities:

• Security, Privacy, and Compliance Strategy:
• Develop and implement comprehensive security, privacy, and compliance policies, procedures, and guidelines.
• Ensure alignment of security and privacy policies with business goals and regulatory requirements.
• Conduct regular reviews and updates of security and privacy policies to address emerging threats and regulatory changes.
• Risk Management:
• Identify, assess, and mitigate security, privacy, and compliance risks to the organization.
• Conduct risk assessments, vulnerability remediations, and privacy impact assessments.
• Develop and maintain a risk management framework.
• Incident Response and Management:
• Lead the development and execution of incident response plans for security, privacy, and compliance breaches.
• Manage security and privacy incidents and coordinate response efforts with relevant stakeholders.
• Perform root cause analysis and implement corrective actions.
• Compliance and Audit:
• Ensure compliance with industry standards, regulations, and best practices, including but not limited to ISO 27001, NS2, and ROPA.
• Coordinate and support internal and external audits.
• Develop and maintain documentation for compliance purposes.
• Data Protection and Privacy:
• Oversee the implementation of data protection and privacy measures.
• Ensure the organization’s adherence to data protection laws and regulations.
• Conduct data privacy assessments and impact analyses.
• Manage data subject access requests (DSARs) and other privacy-related inquiries.
• ROPA (Record of Processing Activities) Management:
• Maintain and manage the organization’s ROPA to ensure compliance with data protection regulations.
• Ensure that all data processing activities are documented and up-to-date.
• Training and Awareness:
• Develop and deliver security, privacy, and compliance awareness training programs for employees.
• Promote a culture of security, privacy, and compliance awareness within the organization.
• Security Operations:
• Oversee the daily operations of the information security team.
• Monitor and analyze security alerts and events.
• Implement and manage security tools and technologies.
• Leadership and Team Management:
• Lead, mentor, and develop a high-performing security, privacy, and compliance team.
• Set performance goals and conduct regular performance reviews.
• Foster a collaborative and inclusive team environment.

Qualifications:

• Bachelor's degree in information security, Computer Science, Privacy Law, or a related field; master's degree preferred.
• 10+ years of experience in information security, privacy management, and compliance, with at least 5 years in a managerial role.
• Strong knowledge of information security, privacy, and compliance principles, practices, and technologies.
• Experience with security and privacy frameworks and standards (e.g., ISO 27001, NS2, ROPA).
• Proficiency in risk management, incident response, and vulnerability management.
• Excellent communication and interpersonal skills.
• Relevant certifications (e.g., CISSP, CISM, CIPP, CIPM) are highly desirable.

Preferred Skills:

• Experience with cloud security and securing cloud-based environments.
• Familiarity with security automation and orchestration tools.
• Strong project management skills and experience leading cross-functional teams.
• Ability to adapt to a fast-paced and dynamic work environment.

About Columbus:

Columbus is a global IT services and consulting corporation with more than 2,200 employees serving our customers worldwide. We bring digital transformation into your business and position you to thrive far into the future. We offer a comprehensive solution portfolio with deep industry knowledge, extensive technology expertise and profound customer insight. We have proven this through 32 years of experience serving more than 5,000 customers worldwide.