Overview:
We are seeking an Information Security Manager to collaborate with the Group Chief Information Security Officer and analysts in developing, implementing, and managing the organization's Information Security Strategy and Information Security Management System (ISMS) across all locations. This role entails overseeing the establishment of information security controls, conducting risk assessments, delivering user training, ensuring compliance, investigating security incidents, performing audits, and contributing to business continuity and disaster recovery planning.
Helping people thrive and grow in the modern digital world.
YNV Group is a holding company that began as a highly successful tech support start-up. In just a few years, we grew into a multi-brand group of companies serving global enterprise clients and governments. Today, our brands include TeKnowledge, Monifai, Smart Factoring, Everty and Sandglass and operate across the tech, real estate, and financial services sectors.
Responsibilities:
- Develop and implement robust information security controls aligned with industry best practices and regulatory mandates, including ISO 27001, PCI, and NIST frameworks.
- Lead incident response and investigation efforts to mitigate security breaches and minimize their impact.
- Proactively assess and manage information risks, identifying vulnerabilities across the organization and driving remediation strategies.
- Conduct comprehensive vulnerability assessments using specialized tools and methodologies to strengthen the security posture.
- Foster a security-conscious culture through the development and execution of targeted awareness programs.
- Architect and maintain a comprehensive information security framework, encompassing policies, procedures, and standards.
- Ensure business continuity and resilience through the design, implementation, and auditing of disaster recovery plans.
- Provide expert guidance on information security matters to internal and external stakeholders.
- Collaborate on risk assessments and compliance audits to identify and address potential security gaps.
- Perform in-depth security analysis of source code and firewall configurations, working closely with IT and business units to implement corrective actions.
- Provide regular updates to the Chief Information Security Officer on program performance, progress, challenges, and strategic initiatives.
Qualifications:
- Bachelor's degree in Information Security, Computer Science, or a related field.
- Minimum of 5 years of experience in information security roles, with a strong understanding of security principles and practices.
- Proven ability to implement and manage information security programs and projects.
- Strong knowledge of industry standards and frameworks such as ISO 27001, PCI DSS, and NIST.
- Experience with security technologies, including firewalls, intrusion detection systems, and security information and event management (SIEM) systems.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills to effectively collaborate with teams and stakeholders.
- Ability to work independently and as part of a team.
- Possessing certifications like CISSP, CISA, or ISO 27001 Lead Implementer is a plus.
- Capacity to work independently and in a team environment in a constantly changing and growing environment.
- Proven excellence in researching, organizing, writing, and presenting technical information.
- Strong analytical and investigation capabilities with the ability to multi-task and work with minimum supervision.
- Strong English and Spanish communication skills, both oral and written.
- Demonstrated responsibility, autonomy, self-motivation, proactivity, and flexibility.
- The highest level of integrity and discretion.
- Ability to learn and adapt in a rapidly changing environment.