An established airline with headquarters in Cyprus is currently looking for an Information Security Manager to join the team in their Larnaca-based offices. The successful candidate will have at least 10 years of relevant experience and be an expert in cybersecurity. If you want to join a growing and international company, then we look forward to receiving your CV for this Larnaca based Information Security Manager role.
-
Develop and implement comprehensive cybersecurity strategy, reflecting the company’s operational drivers and desired business outcomes, risk tolerance, and evolving risks, threats, and vulnerabilities.
-
Develop senior leader awareness and buy-in of cybersecurity program and initiatives, including reporting to leadership on cyber initiatives and strategy, program assessments, changes to risk profiles, and specific events.
-
Build and implement cyber risk quantification and risk prioritization of initiatives.
-
Develop protocols to periodically review the appropriateness of the cybersecurity program, inclusive of administrative and technical controls and processes, with such review to include risk assessments, industry standard compliance reviews, and periodic, risk-based penetration testing.
-
Develop and maintain designated risk-based cyber safeguards, including access controls, MFA, encryption, asset classification, change management, patch management, network segmentation, firewalls, detection technologies including network and endpoint security, insider threat protection, logging and network monitoring, and vulnerability management.
-
Develop secure lifecycle processes and operations, reflecting risk, threat, and vulnerability identification.
-
Manage cybersecurity audits, inclusive of security audits and RFPs.
-
Conduct regular internal and coordinate external security assessment, penetration tests, to proactively test the effectiveness of security controls.
-
Coordinate with compliance on remediation and program management.
-
Assist in the design and implementation of disaster recovery procedures, integration points with business continuity and managing the rollout of IT-enabled recovery and continuity procedures.
-
Maintain Incident Response Plan, including incident escalation framework and key incident-specific playbooks (e.g., ransomware), and serves as lead cybersecurity representative in incident response.
-
Oversee investigation capability, to include leveraging internal and external forensics and evidence collection and preservation as appropriate.
-
Maintain Business Continuity and Disaster Recovery (BC/DR) Response Plan, and serves as lead member of disaster recovery team.
-
Ability to manage and lead multiple complex projects in a fast-paced, dynamic operational environment, including ability to support flexible schedule for 24×7 crisis operations.
-
Excellent verbal and written in English.
-
Bachelor’s degree in a technical field; the ideal candidate will have a graduate degree in a technical field with at least 10 years of prior relevant experience.
-
Relevant certifications such as CISSP, CISM, GIAC GSE, SANS etc. highly preferred.
-
Detailed technical expertise of cloud architectures, especially Microsoft Azure and AWS , networks, routers and switches, wireless technologies, active directory, and leading software applications.
-
Expert level knowledge of developing and implementing defense-in-depth security program, including installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), anti-virus, anti-malware, and unified threat management (UTM).
-
Experience implementing a risk management framework and leveraging governance, risk, and compliance (GRC) concepts and tools.
-
Experience maintaining ISO 27001 certification and other industry standards, such as NIST CSF, NIST 800-53 and NIST 800-171, as appropriate, and working knowledge of Zero Trust architecture.
Due to the high volume of applications, we receive at GRS Recruitment, only shortlisted candidates will be responded to.