Information Security Manager




PECB is looking for an Information Security Manager to join our team in Prishtina, Kosovo. If you are an experienced and energetic individual with great analytical and problem-solving skills who is willing to participate in the growth of one of the biggest organizations in the certification industry, we have an opportunity for you.

About PECB

We are a dynamic, multicultural, and innovative team that sees each day as a challenge and as a new opportunity to grow together with the company. We provide education and certification services to individuals in a wide range of industries and areas through professional training as well as MBA studies. We have a global network of more than 2,000 Resellers that provide our services worldwide, a network of 1,600 Trainers that teach our courses, and an alumni community of more than 50,000 certified individuals. Over the years we have become one of the most credible certification bodies in the world for ISO standards by demonstrating excellence and credibility through accreditation. To improve the experience of our entire network, we have developed various applications that are used globally and require inter-connectivity to ensure customer satisfaction.

Job purpose:

The Information Security Manager will have primary responsibility for performing security architecture duties, cyber threat and vulnerability intelligence, system monitoring, security incident response and controls automation. The manager will develop and manage information systems security strategies, including disaster recovery, data protection, auditing, breach investigation and policy and procedure administration. The manager is responsible for information security policies, procedures, user access and technical systems security settings in order to maintain the confidentiality, integrity, and availability of all PECB Systems (including IT infrastructure and applications). The Information Security Manager will provide recommendations on how to mitigate vulnerabilities, work with developers to advise on security needs and requirements, update security policies and procedures, and provide training as part of the company's security awareness and training program.

Description of duties and responsibilities:

  • Provide strategic direction to related governance functions (such as Risk Management, IT Audit, Legal and Compliance);
  • Establish a process to periodically update policies and procedures to ensure they accurately reflect business requirements and align to industry leading security practices;
  • Provide oversight and continuous enhancement of cyber security awareness program and improvement on risk management;
  • Collaborates with the Security Committee and leads the design, implementation, operation and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards, including certification against ISO/IEC 27001 where applicable;
  • Ensure periodic testing is conducted to evaluate the security posture of IS. Conduct periodic reviews of ISs to ensure compliance with the System Security Plans (SSP);
  • Provide technical security expertise in Technology projects to ensure security standards are met;
  • Leads or commissions the preparation, and authorizes the implementation, of necessary information security policies, standards, procedures and guidelines;
  • Prepare and submit Plan of Action & Milestone (POA&Ms) identifying IS weaknesses, mitigating actions, and the resources and timelines for corrective actions. Maintain POA&Ms for all security related vulnerabilities and ensure serious or unresolved violations have visibility on their corrective action;
  • Investigate and analyze details of security incidents;
  • Maintain a flexible work schedule to meet position demands for after-hours support;
  • Leads the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations;
  • Communicates audit findings and coordinates their resolution by preparing reports, status updates and discussing findings with stakeholders;
  • Forms a “Centre of Excellence” for information security management, for example offering internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization;
  • Develop and manage controls to ensure compliance with the wide variety and ever changing requirements resulting from laws, standards and regulations;
  • Liaise with senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies;
  • Plan and organize internal training and webinars to increase awareness of information security;
  • Be up to date with the latest developments and security threats to ensure preparedness and bulletproof protection;
  • Monitor the internal IT infrastructure for any potential information security threats;
  • Other duties as assigned by the management.

Required Skills/Qualifications:

  • High level of integrity to deal with confidential information;
  • Fluency in English language (written and spoken);
  • Bachelor's degree in Computer Science, Computer Information Systems, Business Administration, or its equivalent in work-related experience;
  • PECB ISO 27001 LA, LI, PECB ISO 27002, or similar preferred; CISSP, CISA, or CISM a plus;
  • Experience with developing security frameworks such as ISO, NIST, PCI, and IT SOX audit requirements and security attack vectors a plus;
  • Experience with data classification, access control, and security models;
  • Strong analytical and problem-solving skills;
  • Ability to work effectively with people at various levels throughout the organization;
  • Must work well under pressure, grasp new ideas quickly, think outside the box, and be able to follow up in a dynamic environment;
  • Strong multi-tasking skills in a fast-paced environment;
  • Strong team player;
  • Work well independently with minimum supervision;
  • Excellent verbal and written communication and interpersonal skills;
  • Excellent knowledge of technical management, information analysis and of computer hardware/software systems;
  • Expertise in data governance;
  • Strong attention to detail;
  • Ability to work independently and with groups;
  • Adaptability to a changing and fast-paced work environment;
  • Good customer service skills.

Before applying, we recommend you read about our Corporate Culture to understand what kind of people we are looking for:

To apply, please submit your application before December 17, 2021, at Resumes sent via other means will not be considered. Only short-listed candidates will be contacted.

Views: 736
Category: Information Technology
Expires in: 16 days
Schedule: Full Time
Location: Prishtinë
KosovaJob is the largest employment network in Kosovo certified by Bureau Veritas with ISO 9001:2015 Quality Management
Copyright © 2021 - KosovaJob LLC