This job listing has expired and may no longer be relevant!
12 Apr 2016

Full-Time Information Security Manager – Contract position

Pearson Lanka (Pvt) Ltd – Posted by Lanka Jobs Anywhere

Job Description


  • Responsible for all Information Security activities within Growth markets (South Africa, Brazil, India, China, LATAM and Middle East)

  • Accountable for Growth Region Security Governance, including driving geographic security forums, risk management, incident management and post incident reviews, and security improvement projects

  • Review all business and technology projects and ensure CISO requirements are implemented, serve as a subject matter expert and consultant to various project teams

  • Drive all Security Risk Assessment remediation work related to Infrastructure, Applications and Business Processes

  • Work with business stakeholders to ensure that Information Security policies and standards are integrated with business processes in the Geography, for example the S-SDLC process

  • Review infrastructure & application security results from various static and dynamic security testing tools such as Qualys, IBM AppScan, Burp Suite and Checkmarx and interpret findings to various teams

  • Provide recommendations to development teams in resolving application security issues

  • Manage and coordinate all application security remediation work

  • Perform other vulnerability identification including system level reviews, vulnerability scans, and penetration tests on infrastructure and applications as required.

  • Provide security training and awareness sessions to developers, system administrators, and business-focused personnel

  • Work with cross-functional teams to drive the closure of identified vulnerabilities and security risks

  • Remain up to date on current information security risks, concepts, and approaches.

  • Work with application development teams to ensure OWASP ASVS (Application Security Verification Standard) requirements are implemented

  • Ability to create reports and perform risk assessments using industry standard control frameworks such as ISO 27001



  • Possession of Bachelor’s Degree in an IT-related discipline is required.

  • At least 8+ years of Information Security experience

  • Extensive experience in the information security field, designing and implementing enterprise security solutions in a global context.

  • Deep and broad understanding of technical security, encompassing endpoint technologies, applications, application hosting, and physical and virtual data centre hosting

  • Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members.

  • Experience in leading matrix global teams.

  • Certifications such as CISSP, CISM, CRISC, CGEIT and CISA are an added advantage

  • Strong problem-solving skills.

  • Understanding of common web vulnerabilities, including the OWASP Top 10 and the Application Security Verification Standard (ASVS), is required

  • Familiarity with common security tools, including vulnerability scanners, Security Incident and Event Management, Intrusion Detection/Prevention Systems, Web Application Firewall, and web application assessment enabling tools.

  • Ability to understand and communicate business impact of information security risks.


How to Apply

Please click the link to apply -

Job Categories: Construction. Job Types: Full-Time.
