Startup Jobs
Post a Job
Precisely International

Information Security Manager

Remote

AI overview

Lead a team managing security controls in a data processing environment, ensuring compliance with multiple standards and certifications while addressing security risks and audits.

Application and Interview Impersonation Notice:  Impersonating another individual when applying for employment, and/or participating in an interview process to assist another individual in obtaining employment, with Precisely Software Incorporated (“Precisely”) is unlawful.  If Precisely identifies such fraudulent conduct, then as applicable and to the extent permitted by law, the application will be rejected, an offer (if made) will be rescinded, or the employment will be terminated, and legal action may be taken against the impersonators.

 

Precisely is the leader in data integrity. We empower businesses to make more confident decisions based on trusted data through a unique combination of software, data enrichment products and strategic services. What does this mean to you? For starters, it means joining a company focused on delivering outstanding innovation and support that helps customers increase revenue, lower costs and reduce risk. In fact, Precisely powers better decisions for more than 12,000 global organizations, including 95 of the Fortune 100. Precisely's 2500 employees are unified by four company core values that are central to who we are and how we operate: Openness, Determination, Individuality, and Collaboration. We are committed to career development for our employees and offer opportunities for growth, learning and building community. With a "work from anywhere" culture, we celebrate diversity in a distributed environment with a presence in 30 countries as well as 20 offices in over 5 continents. Learn more about why it's an exciting time to join Precisely!

Overview:  Engage is a business unit that builds software products that process personal data, and we are looking for an Information Security Manager who can align product design with security and privacy requirements. You will lead a team that manages technical and process security controls, and you will work within our broader security and governance model under the guidance of our security and privacy leaders. You will help keep our controls current, support audits, and ensure that product and services teams follow our security policies. You will also partner with compliance groups and external auditors to maintain certifications and meet regulatory needs. You will communicate risks to our security risk boards and leadership teams. You will succeed in this role by understanding our technology, staying current with security standards, and bringing strong experience from similar roles in distributed organizations. This role will report to Senior Director of Software Development.

What you will do:

  • Align to Precisely Information Security Management System across the Engage business unit that addresses the needs of Engage, staff, partners, customers, and other external stakeholders in line with relevant legislation and industry standards
  • Maintain current SOC 1 & 2 Type II, HIPAA HITECH and ISO 27001 & 27701 certification for Engage software products.
  • Maintain documentation and processes necessary to comply with contractual obligations, customer security requirements and internal requirements.
  • Propose changes to the Engage Information and Cyber Security systems, processes and procedures by continuously analysing and reviewing appropriate security technologies and practices as informed by Precisely standards.
  • Ensure that information and Cyber Security risks to Engage are identified and managed appropriately. Communicate security risks to Precisely InfoSec Risk Board and senior leadership.
  • Coordinate quarterly DAST scans, annual internal pen testing and annual third-party penetration testing across all Engage products.
  • Maintain accurate security scorecards across all products. Work with product teams to prioritise work to improve security score.
  • Coordinate annual legal review of privacy across Engage products.
  • Assist investigations into information security breaches under Precisely Incident Response process with Precisely CyberSecurity Operations Center ensuring root-causes of such breaches are understood and addressed.
  • Assist as SME in responding to information security questionnaires during RFP process. 

What we are looking for:

Experience:

  • Management of an Information Security Management System in a complex IT organisation encompassing service delivery, application development and IT infrastructure. 
  • Completion of Information Security questionnaires as part of RFP responses. 
  • Line management of team members. 

Knowledge:

  • An excellent understanding of best practice within Information Security and risk management including standards such as ISO 27001. 
  • A strong understanding of one or more areas or legislation and regulations that impact information Security E.g. GDPR, HIPAA, PCIDSS, CCPA. 
  • An understanding of current and emerging threats and countermeasures and the product challenges to addressing these threats 
  • An understanding of Application Security threats and countermeasures 
  • A good practical knowledge of security technologies and wider business solutions including DevOps, Identity and Access Management, penetration testing tools, remote working and cloud technologies. 

Skills:

  • The ability to work within a compliance or regulatory framework and to evidence continuous improvement. 
  • Excellent communication skills, both written and verbal. Ability to present complex or highly technical issues in simple and easy-to-understand formats. 
  • An ability to think and plan strategically and systematically while recognising the need to deliver to the business requirements. 
  • The ability to be pragmatic while balancing the needs of the business against security 
  • The ability to cut through organisational and political barriers to achieve the overall goal. 

 Qualifications: 

  • An appropriate degree, equivalent qualification or experience. 

 Preferred requirements: 

  • One or more of the following qualifications are highly desirable: 
  • Certified Information Security Manager (CISM) 
  • Certified Information Systems Security Professional (CISSP) 
  • Certified Information systems Auditor (CISA) 
  • Achieved Senior or Lead level certification in the NCSC’s Certified Cyber Professional scheme in one or more of Security and Information Risk Advisor (SIRA), IA Architect, IA Auditor, IT Security Officer 
  • Experience using GRC platforms to define and manage InfoSec policies, prepare for audits and manage risk. 
  • Experience of tooling to manage RFP responses. 
  • Perform SAST/DAST scans & Pen Test assessments. 
  • Experience with automated cloud compliance. 

#LI-ZB1

The personal data that you provide as a part of this job application will be handled in accordance with relevant laws. For more information about how Precisely handles the personal data of job applicants, please see the Precisely Candidate Privacy Notice

 Precisely International

Welcome to our International employment section. Here you can view our current job openings and apply for positions online. At Precisely, we’re looking for employees who value openness, collaboration, determination, and individuality at work. We celebrate everything that makes an applicant unique. We will consider all qualified applicants without regard to race, color, creed, religion, sex (including pregnancy), age, sexual orientation, gender identity, gender expression, national origin, ancestry, physical or mental disability, marital status, genetic information, citizenship status, or veterans’ status or other applicable legally protected characteristics. We are committed to providing reasonable accommodations for candidates with disabilities in our recruiting process. If you need an accommodation due to a disability, please let us know at [email protected]. In your email please include a description of the specific accommodation you are requesting and the position along with the location for which you are applying. Application and Interview Impersonation Notice: Impersonating another individual when applying for employment, and/or participating in an interview process to assist another individual in obtaining employment, with Precisely Software Incorporated (“Precisely”) is unlawful.  If Precisely identifies such fraudulent conduct, then as applicable and to the extent permitted by law, the application will be rejected, an offer (if made) will be rescinded, or the employment will be terminated, and legal action may be taken against the impersonators. It is a requirement for all roles at Precisely to adhere to applicable data privacy and security laws, rules, regulations, and company policies. For more information about Precisely’s privacy practices, please see our Privacy Notice: https://www.precisely.com/legal/privacy-notice.

Website LinkedIn
View all jobs
Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Information Security Manager Q&A's
Report this job
Apply for this job