Manager - Information Security

The Manager - Information Security is responsible for developing, implementing, and maintaining robust security measures to protect an organization’s data, systems, and networks. This role involves leading security initiatives, ensuring compliance with industry regulations, and mitigating cybersecurity risks. The ideal candidate should have extensive experience in information security, risk management, and cybersecurity frameworks, along with strong leadership and problem-solving skills.

Responsibilities:

• develop and implement information security policies, standards, and best practices to protect company data and IT infrastructure

• oversee the design and maintenance of security architectures, ensuring alignment with business objectives

• conduct risk assessments and vulnerability testing to identify potential security threats and implement corrective actions

• monitor security incidents, investigate breaches, and implement incident response strategies

• ensure compliance with relevant regulations, such as ISO 27001, NIST, GDPR, and local cybersecurity laws

• collaborate with IT and business teams to integrate security measures into systems and applications

• lead and manage security awareness programs to educate employees on best cybersecurity practices

• work closely with third-party vendors, auditors, and regulatory bodies to maintain security standards

• oversee identity and access management (IAM) to prevent unauthorized access to sensitive data

• continuously evaluate and recommend new security tools and technologies to enhance the organization's defense against cyber threats

Requirements:

• bachelor’s degree in information security, cybersecurity, computer science, or a related field

• minimum of 5-8 years of experience in information security, with at least 3 years in a managerial role

• strong knowledge of cybersecurity frameworks, risk management, and security controls

• experience with security technologies such as firewalls, intrusion detection systems, SIEM, and endpoint protection

• certifications such as CISSP, CISM, CISA, or equivalent are highly preferred

• excellent problem-solving skills and ability to respond effectively to security incidents

• strong leadership and communication skills to work with technical and non-technical teams

• ability to manage multiple projects and meet deadlines in a fast-paced environment

• familiarity with cloud security, network security, and data protection best practices

• fluency in English; Arabic is a plus