Information Security Manager

Kaspersky • Full-time • دبي, AE • 5d ago

Kaspersky has been protecting individuals and corporate clients all over the world from cyber threats for 27 years.

We have 400 million unique users, 270 000 corporate clients, 517 products, 1100 technological patents and 34 offices around the world.

Today our team has more than 5 000 top level experts, all of them regular people with their own talents and hobbies.

Together we protect the world from cyber threats.

Join us to become part of an exceptional team, while remaining yourself and using your skills to keep us growing and evolving!

The primary purpose of the Information Security Manager role is to oversee and manage all security-related functions across APAC, META, and Europe. The role involves ensuring employees have a clear understanding of both internal and externally defined security requirements. These security and compliance responsibilities will be carried out within the company’s established framework, ensuring the consistent application of security measures throughout the organization.

The responsibilities will include, but are not limited to:

Implementing Global KL Information Security requirements, policies, and procedures for APAC, META, and Europe, based on local and international legislation as well as company requirements.
Facilitating the creation and approval of new information security documentation, as well as providing input into the framework for that documentation.
Participating in the development and delivery of information security training materials.
Actively identifying opportunities for communication and training of company staff on topics related to security.
Ensuring compliance of all web, network, and infrastructure assets with Kaspersky Lab’s published documentation, including applicable security policies, standards, and procedures.
Identifying, reviewing, evaluating, tracking the status of, and overseeing the implementation of all security patches within the assigned area of responsibility, including validating patch application.
Collaborating with the global Security Department team to assist in ensuring the proper level of security for the region.
Performing and gathering information for internal audits related to Information Security.
Working with the Global IT Security Team and individual project teams to architect solutions that meet defined security requirements.
Completing all tasks identified in remediation plans developed in response to penetration tests and vulnerability assessments on time.
Designing and implementing measures related to Business Continuity and Disaster Recovery, as well as high-level policies.
Approving all Business Continuity and Disaster Recovery plans and coordinating related activities for APAC, META, and Europe.
Monitoring security advisories (e.g., CERT, SANS) for current security exploits and evaluating their applicability to Kaspersky Lab systems, along with other duties as reasonably determined by the company.
Collaborating with local divisions (e.g., HR, IT, Finance) to ensure the required level of data protection.
Performing due diligence for business partners and employees.
Conducting background checks of KL candidates.
Monitoring legislation and best practices in the area of Anti-Bribery and Corruption in APAC and META.
Organizing and supporting Compliance investigations and awareness initiatives in APAC, META, and Europe.

Requirements:

Bachelor’s degree in Computer Science, Information Security, or a related field.
Certified Information Security Manager (CISM) certification.
Certified Information Systems Security Professional (CISSP) certification.
8–10 years of hands-on experience in an IT Security function.
Broad technical and non-technical knowledge of security-related concepts and practices.
In-depth understanding of information security standards, regulations, and certifications (e.g., ISO 27001, ISO 27701, PCI DSS, SOC2).
Exceptional problem-solving skills and the ability to make sound decisions under pressure.
Strong leadership and interpersonal skills, with the ability to effectively communicate complex security issues to both technical and non-technical stakeholders.
Fluency in English.