Manager, Information Security Management

Role Summary

We are looking for a Manager, Information Security Management to join the ISM team in our Bucharest location. In this role, you will contribute to the development and continuous improvement of the SES information security management and policy framework, and manage information security projects following the SES information security roadmap. Additionally, you will manage information security risks, design, and implement information security concepts to safeguard SES's assets. You will also provide information and cyber security related support in projects across the organization.

All applicants must be native to a NATO country (EU nationality is a plus) and willing to undergo a secret clearance process.

Key Responsibilities

• Coordinate the development and continuous improvement of the SES information security management system in accordance with industry standards and best practices.
• Identify, assess, and manage information security risks.
• Manage compliance to the information security policy framework.
• Liaise with relevant stakeholders across the organization to develop and promote information security policies, standards, processes, and procedures.
• Support the definition and implementation of SES’s information security strategy and framework by assessing information security risks and specifying and implementing information security controls to mitigate key risks.
• Manage assigned information security projects and budgets as laid down in SES’s information security strategy and deliver them within time, cost, and scope.
• Design, implement, and document information security concepts and information security controls, including coordination of various business stakeholders and engineering groups.
• Perform information security audits and vulnerability assessments and support the management of vulnerabilities.
• Support the detection and analysis of information security incidents and manage adequate responses to information security incidents.
• Support the development and maintenance of SES’s information security awareness program and delivery of awareness sessions.
• Provide clear, concise, timely, and constructive recommendations regarding information security in all areas related to information systems, networks, and applications.
• Travel as required.

Your Profile

Must have:

• Degree in Computer Science, and a minimum of 9 years' of industry related experience.
• All applicants must be native to a NATO country (EU nationality is a plus), and willing to undergo a secret clearance process.
• Strong knowledge of Information Security Standards and good practices, including ISO 27000 series, NIST SP-800 series (e.g., NIST800-53), etc.
• Strong hands-on knowledge of and experience with implementing and maintaining Information Security Management Systems in accordance with ISO 27001 and best practices.
• Hands-on knowledge of and experience with securing cloud environments.
• Knowledge of the following topics:
  • Information Security Risk Management frameworks and methodologies.
  • Network security, system security, application security, and security design.
  • Cyber security threats, vulnerabilities, security technologies, and controls.
  • Data Protection and Data Privacy.
  • Vulnerability, compliance, and patch management for complex networks, systems, and applications.

Nice to Have:

• Relevant certifications (e.g., ISO 27001 Lead Implementer, ISO 27005 Certified Risk Manager, CISM, CISA, CISSP) and knowledge of the satellite industry are a plus.
• Consulting experience is considered an advantage.

What's In It For You

• Flexible working policy.
• Bonus plans.
• Comprehensive and competitive benefits plan.
• A range of wellness activities and employee assistance programs.

Key skills/competency

• Information Security Management System (ISMS)
• ISO 27001
• NIST SP-800 Series
• Risk Management
• Cloud Security
• Network Security
• Cybersecurity
• Data Protection
• Vulnerability Management
• Security Architecture