Information Security Manager

Information Security Manager

Arbetsbeskrivning

Mentimeter’s vision is to transform presentations and meetings into fun and interactive experiences by making it easy to listen and to be heard. We believe in giving everyone a voice, in every meeting and presentation. We are building a modern, friendly, and diverse product-first tech company based in Stockholm and we want you to join us!
In the role of Information Security Manager you are leading the Information Security efforts across all of our departments and offices. As such it’s important that you can balance business value with security risk and that you can efficiently and effectively communicate with people both inside and outside the company as needed to fulfill your mission.
Your main responsibility is to safeguard the company assets and people by proactively managing our risk levels in both Social, Software and Physical aspects. You also own the security aspects of Certifications and Validations as necessary to ensure we have the right level of security and trust displayed towards customers or potential customers.
In this role you work from executive level decisions in the field of certifications (e.g. ISO 27001) together with our CTO and our Management team, data classifications and the company security plan, security processes to hands on making sure we are keeping our customers' data safe in our transactions. We must also ensure to be transparent with our security efforts in order to aid our sales department in their sales efforts. As such you need to learn all aspects of the company and be able to put the security aspects in relation to business value and effectiveness of product delivery.
Everyone in the company is responsible for upholding our Security policies and we have security roles within certain departments, but this is the first role that connects all our security efforts and will be the main responsible and point of contact. This means, for example, that you will support, guide and challenge in achieving the right level of protection. You also are accountable for the department wide aspects of doing security reviews and testing, such as but not limited to Penetration tests, Vulnerability scans and disaster recovery training, device and account off-boarding etc. A subset of these activities will be performed by other colleagues but you will follow up that they are being performed correctly in a timely manner.
Responsibilities for the Information Security Manager:
Certifications, Validations, Data classification, Security plan, Security roadmap and other high level ownerships in the Security field across all departments.
Ownership for driving the security initiatives and ongoing work by leveraging security champions in other teams
Be a subject matter expert in the security field across domains such as security validation, physical security, development principles.
Processes (Vulnerability Management, Incident Response, Device management etc), Tools, Visualisations, Testing and Validation for security in the Product development process
Physical security in our offices, for our devices and training for security awareness for all employees
Collaborate with many different parts of the organisation on Security aspects, e.g. Legal, Engineering, Sales etc
Own the strategy for the area defining the overall roadmap and goal setting in collaboration with other colleagues, e.g. CTO

Skills & Requirements
We believe you have:
To be successful in this role, we believe you have a passion for and experience in the information security field. You could have a background within software engineering, but it is not a prerequisite for this role. You are familiar with the importance of device management, infrastructure security, vulnerability management, data classification and similar security controls and have experience in some of these areas.
You also enjoy both working hands on ensuring our security practices are being followed (e.g. security training, account offboarding, physical security, device management etc) as well as effectively delegating certain tasks as well as doing strategic planning for improving our security posture over time. We also expect you to be able to take your own initiative and shape the role according to the organization’s needs since you will be the first person having this responsibility.
As you will be working with information security across all our departments, strong communication skills with both technical and non-technical stakeholders in the English language is needed. Sometimes the role will also require collaborating with external specialist resources. We believe that you have a thorough but still pragmatic mindset and are able to clearly document and communicate the risk appetite levels involved with decisions affecting information security.
Have you worked with risk and security analysis and plans? Do you have knowledge in ISO 27001 or any similar certifications? Have you worked in modern development organizations and cloud based IT environments? GREAT if you do and it's okay if you don’t! These are not prerequisites for the role.

Sammanfattning

  • Arbetsplats: Mentimeter AB Stockholm
  • 5 platser
  • Tills vidare
  • Heltid
  • Fast månads- vecko- eller timlön
  • Publicerat: 23 december 2022
  • Ansök senast: 22 januari 2023

Postadress

Alströmergatan 22 1TR
Stockholm, 11247

Liknande jobb


6 september 2024

Quality Manager

Quality Manager

5 september 2024

Project Manager

Project Manager

5 september 2024

Sales Director

Sales Director

4 september 2024