InfoSec Manager

Our client is looking for a InfoSec Manager to play a crucial role in safeguarding their organization's digital assets, building and maintaining trust among customers and stakeholders by ensuring the integrity, and confidentiality.

Your responsibilities:

1. Security Strategy and Policy Development:

- Develop and implement a comprehensive information security strategy that aligns with the company’s objectives and regulatory requirements specific to iGaming.

- Establish and maintain security policies and procedures that protect the organization's systems and data from cyber threats.

2. Risk Management:

- Conduct regular risk assessments to identify vulnerabilities within the organization’s IT infrastructure and data management practices.

- Develop risk mitigation strategies and prioritize security initiatives based on potential impact and likelihood of threats.

3. Compliance and Regulatory Adherence:

- Ensure that the organization complies with national and international regulations related to information security and data protection, such as GDPR, PCI DSS, and any iGaming-specific legislation.

- Keep abreast of new regulations and industry standards, updating policies and practices as necessary.

4. Incident Response and Management:

- Develop and maintain an incident response plan to quickly and effectively address security breaches or data leaks.

- Lead incident response efforts, coordinating with IT, legal, and communications teams to mitigate damage and communicate transparently with stakeholders.

5. Security Awareness and Training:

- Implement an ongoing security awareness training program for all employees to recognize and prevent security threats.

- Conduct regular training and simulations to ensure staff are aware of the latest phishing and social engineering tactics.

6. Data Protection and Privacy:

- Oversee the protection of sensitive customer data, ensuring encryption, access control, and data integrity measures are in place and effective.

- Work closely with the legal team to ensure data handling practices comply with privacy laws and regulations.

7. Cybersecurity Technologies:

- Evaluate, select, and implement security technologies such as firewalls, intrusion detection systems, and encryption tools to enhance the organization’s defense capabilities.

- Stay updated on emerging security technologies and assess their potential application within the iGaming industry.

8. Vendor and Third-Party Risk Management:

- Assess and monitor the security practices of third-party vendors and partners to ensure they meet the organization's standards.

- Implement security requirements and conduct regular audits of third-party providers to manage risk exposure.

9. Security Monitoring and Analytics:

- Oversee the continuous monitoring of the organization's networks and systems for security breaches or anomalies.

- Utilize security information and event management (SIEM) tools to analyze security logs and detect potential threats.

10. Budget and Resource Management:

- Develop and manage the information security budget, ensuring resources are allocated effectively to prioritize and address critical security needs.

- Advocate for necessary security investments to senior management, demonstrating the value and necessity of security initiatives.

11. Crisis Management and Communication:

- Prepare crisis management plans for significant security incidents and lead the response to ensure minimal impact on business operations and reputation.

- Coordinate communication with internal and external stakeholders during and after security incidents to maintain trust and transparency.

Your Experience:

• 5+ years of experience in Crypto or iGaming related industries;

Y our Skillset:

• Experience in IT security management, with a strong technical background in network security, vulnerability management and the ability to detect and respond to security incidents.
• Deep understanding of cybersecurity threats, data protection laws, and the technical aspects of information security.
• Knowledge of the services like Microsoft Office, Atlassian and Fortinet firewall.
• Experience in leading and managing cross-functional teams, including subcontractors.
• Hands-on technical experience and willingness to engage in hands-on work with basic programming knowledge.
• Familiarity with regulatory compliance requirements and experience in writing security guidelines and policies.
• Strong analytical and problem-solving skills, with a focus on risk management and incident response.
• Fluency in Russian and proficiency in English.
• Ability to independently recognize problems and propose solutions, considering various factors and potential outcomes.
• Ability to work in a fast-paced environment and under pressure.
• Effective communication and high level of emotional self-management.

Offer:

• Locational flexibility and fully remote work.
• Challenging work in an exciting I-gaming world.
• Competitive salary and great colleagues.