Information Security Specialist Job in Jar App

Key Responsibilities: 1. Information Security Strategy: - Develop and maintain an information security strategy that supports business objectives and aligns with industry standards. - Identify potential security risks and vulnerabilities and develop strategies to mitigate them. - Stay up-to-date with the latest information security trends, technologies, and regulatory requirements. 2. Policy and Procedure Development: - Develop, implement, and maintain information security policies, procedures, and standards. - Ensure policies and procedures are communicated effectively to all relevant stakeholders. - Regularly review and update policies and procedures to address emerging threats and changes in the business environment. 3. Risk Management: - Conduct regular risk assessments to identify and evaluate potential security risks. - Develop and implement risk mitigation strategies and controls. - Monitor and report on the effectiveness of risk mitigation efforts to senior management. 4. Security Awareness and Training: - Develop and deliver security awareness programs to educate employees on information security best practices. - Conduct regular training sessions to ensure employees understand their roles and responsibilities regarding information security. - Foster a culture of security awareness and compliance throughout the organization. 5. Incident Response and Management: - Establish an incident response framework to effectively respond to and manage security incidents. - Lead incident response efforts, including containment, investigation, and remediation. - Coordinate with relevant internal teams and external stakeholders during security incidents. 6. Compliance and Audit: - Ensure compliance with relevant industry regulations and standards (e.g., PCI-DSS, GDPR, ISO 27001). - Coordinate and support internal and external audits related to information security. - Address audit findings and implement corrective actions as necessary. 7. Vendor Management: - Evaluate the security posture of third-party vendors and service providers. - Develop and maintain strong vendor security management processes, including due diligence and ongoing monitoring. 8. Security Governance: - Establish and chair the information security governance committee. - Provide regular updates and reports on information security status to senior management and stakeholders. Qualifications and Skills: - Bachelor's degree in computer science, information technology, or a related field. A master's degree is preferred. - Professional certifications such as CISSP, CISM, or CISA are highly desirable. - Proven experience in information security management, preferably within the fintech industry. - Strong knowledge of information security frameworks, standards, and best practices (e.g., ISO 27001, NIST Cybersecurity Framework). - Familiarity with relevant regulatory requirements, such as PCI-DSS, GDPR, and data privacy laws. - Experience in conducting risk assessments and developing risk management strategies. - Knowledge of secure software development practices and secure coding principles. - Excellent leadership and communication skills with the ability to effectively engage and influence stakeholders at all levels. - Strong problem-solving and analytical skills. - Ability to work independently and manage multiple priorities in a fast-paced environment.