Information Technology Security Manager

The IT Security Manager is responsible for leading the Network Security and Endpoint Security teams, ensuring the organization’s IT systems and networks are protected from internal and external threats. This role encompasses strategic planning, technology implementation, operational management, and audit compliance, while ensuring the availability and reliability of security systems.

Key Responsibilities

Leadership & Team Management

• Lead, mentor, and manage the Network Security & Endpoint Security teams.
• Foster a culture of accountability and commitment to user satisfaction and operational excellence.
• Ensure all team members are equipped to deliver high-quality results.

Security Operations & System Management

• Oversee administration, monitoring, and technical support of network and endpoint security systems, including but not limited to:
• Firewalls, Intrusion Prevention Systems (IPS), Web Application Firewalls
• Internet Proxy/Web Filtering, DDoS Mitigation Systems
• Vulnerability Management, Patch Deployment, Antivirus, Universal Threat Management
• Application Control and other emerging security technologies
• Conduct regular system health checks, performance monitoring, and capacity planning.
• Ensure 24x7 availability of critical security systems.
• Supervise backup, patching, updates, upgrades, and DR failover/failback testing.
• Manage AMC renewals for systems and infrastructure.

Audit & Compliance

• Coordinate and support internal, external, and regulatory audits of IT security systems.
• Ensure documentation, procedures, and management reports are accurate, updated, and compliant with standards.

Reporting & Continuous Improvement

• Implement MIS reporting for all security systems and review reports periodically.
• Communicate progress, issues, and updates to IT leadership.
• Identify risks, implement corrective actions, and resolve issues proactively.
• Collaborate with internal teams and external vendors for system enhancements or issue resolution.

Required Qualifications & Experience

• Bachelor’s degree in Computer Science, Information Systems, or equivalent IT discipline.
• 10–12 years of IT experience, with at least 7 years in IT security operations.
• Master’s degree in Cybersecurity is a plus.

Certifications (at least 2 required):

• CISSP, CISM, CISA, GIAC, CEH, CRISC, or equivalent.

Technical Skills:

• Strong expertise in security systems, including firewall/VPN, IDS/IPS, DDoS, proxy/content filtering, endpoint & data security.
• Hands-on experience in vulnerability management and patch deployment.
• Solid understanding of LAN/WAN networking, TCP/IP, network protocols, intranet/internet technologies.
• Knowledge of security standards such as ISO 27001, ISO 27005, PCI-DSS, CoBIT.
• Experience in security event monitoring, reporting, and MIS documentation.