Information Security Manager at Harmony SASE
Tasks
- Answer customer security questionnaires
- Build and operate ISMS
- Collect evidence for audits
- Conduct secure architecture reviews
- Coordinate internal and external audits
- Deliver security training
- Design access reviews
- Design and operate security automation
- Develop AI secure SDLC framework
- Drive security findings to remediation
- Implement Least Privilege
- Implement secure software development lifecycle
- Improve ISMS controls
- Integrate security into CI/CD pipelines
- Lead Product Security Team
- Lead incident response
- Maintain ISO IEC 27001 compliance
- Maintain SOC 2 Type II compliance
- Manage GDPR compliance
- Manage incident preparedness detection containment eradication recovery lessons learned
- Manage third party vendor risk program
- Operate application security tooling stack
- Oversee identity and access governance
- Own compliance roadmap
- Perform enterprise risk assessments
- Perform threat modeling
- Promote secure coding practices
- Remediate audit findings
- Respond to RFPs security due diligence
- Run AI security scanning
- Run DAST
- Run SAST
- Run secret scanning
- Support segregation of duties
- Translate regulations into security program improvements
Perks/Benefits
- N/A
Skills/Tech-stack
800-53 | Access Management | Architecture Reviews | Audit Evidence Collection | Audit evidence | CI/CD | CIS Controls | Cloud Controls Matrix | Cloud Controls Matrix CCM | Cloud controls | DAST | DORA | Development Lifecycle | Evidence collection | FedRAMP | GDPR | HIPAA | IEC 27001 | ISO/IEC | ISO/IEC 27001 | Identity and Access Management | Identity and access | Incident Response | Least Privilege | NIST | NIST 800 | NIST 800-53 | NIST CSF | OWASP Top | OWASP Top 10 | PCI DSS | Risk Assessment | Risk Management | SAST | SCA | SOC 2 | Secret Scanning | Secure Architecture | Secure Software | Secure Software Development | Secure Software Development Lifecycle | Secure architecture reviews | Security Automation | Security training | Segregation of Duties | Software Development Lifecycle | Third Party | Third-Party Risk | Third-party risk management | Threat modeling | Top 10
Education
Related jobs
-
800-53 | AI Security | AI security scanning | ASPM | Access ManagementExecutive-level Full TimeTel Aviv/ Hybrid (Israel), Israel R2d ago
-
Automation | Big Data | CI/CD | Cloud infrastructure | Cloud platformFlexibility to work from anywhere | International team collaboration | Remote-first | Work-life balanceExecutive-level Full TimeIsrael R6d ago