Information Security Manager
NeoGames
- Mansfield, MA
- Permanent
- Full-time
- Develop and execute a robust information security strategy aligned with organizational goals and industry best practices.
- Assess and prioritize security risks and formulate effective risk management strategies.
- Collaborate with cross-functional teams to integrate security measures into business processes and applications.
- Establish and maintain information security policies, standards, and guidelines.
- Ensure policies are communicated effectively and consistently applied across the North America market.
- Regularly review and update security documentation to reflect changes in the threat landscape and business requirements.
- Ensure compliance with relevant data protection laws, regulations, and industry standards.
- Coordinate and participate in security audits, assessments, and certification processes.
- Work closely with legal and compliance teams to address any security-related legal and regulatory requirements.
- Develop and maintain an incident response plan to address security incidents promptly and effectively.
- Lead incident response efforts, including investigation, containment, and resolution.
- Conduct post-incident analysis and implement corrective actions to prevent future occurrences.
- Develop and deliver security awareness programs to educate employees on information security best practices.
- Provide regular training sessions to ensure that employees are equipped to identify and respond to security threats.
- Evaluate the security posture of vendors and third-party partners.
- Establish and maintain a robust vendor risk management program to ensure the security of third-party relationships.
- Oversee the selection, implementation, and maintenance of security technologies.
- Work closely with the IT team to ensure that security controls are integrated seamlessly into the technology infrastructure.
- Provide periodic reports outlining the status of information security to both HQ leadership and Customers, incorporating Key Performance Indicators (KPIs) for a comprehensive assessment.
- Communicate effectively with stakeholders, addressing security concerns and providing guidance on best practices.
- Assist in security-related documentation (RFPs, PPTs, etc.)
- Bachelor's or master's degree in information security, cybersecurity, or a related field.
- Industry-recognized certifications such as CISSP, CISM, or CISA.
- Proven of minimum 5 years of experience in information security management (not consulting), with a focus on the North America market.
- Strong understanding of relevant data protection laws, regulations, and industry standards.
- Excellent communication and leadership skills.
- Ability to collaborate with diverse teams and drive a culture of security awareness.