HORIZON COMPUTER MANAGEMENT PTE. LTD.
INFORMATION SECURITY MANAGER
HORIZON COMPUTER MANAGEMENT PTE. LTD., West Islip, New York, United States
Key Responsibilities
Develop, implement, and manage the organization's
information security strategy, policies, and procedures . Lead the design and enforcement of
security controls
to protect systems, networks, and data from cyber threats. Manage a team of security professionals, providing
technical guidance, mentoring, and performance management . Oversee
risk assessments, vulnerability management, penetration testing, and incident response . Ensure compliance with
regulatory requirements, industry standards, and frameworks
(e.g., ISO 27001, NIST, GDPR, PCI-DSS, HIPAA). Collaborate with IT, DevOps, and business teams to embed security into
application development and infrastructure design . Manage
security operations center (SOC) activities , including monitoring, threat detection, and escalation. Define, track, and report
security KPIs and risk metrics
to senior leadership. Evaluate, select, and implement
security tools and technologies
to strengthen organizational defenses. Lead security awareness and training programs to promote a
strong security culture . Required Technical Skills (Tough Skills)
Cybersecurity & Risk Management : Strong knowledge of
threat modeling, risk assessment methodologies, incident response frameworks , and
business continuity planning . Security Technologies : Hands-on expertise with
firewalls, IDS/IPS, SIEM (Splunk, QRadar, ELK), EDR/XDR, DLP, IAM, PAM solutions, WAF, and CASB . Cloud Security : Proficiency in securing workloads on
AWS, Azure, and GCP , including
IAM, KMS, Cloud Security Posture Management (CSPM) . Application & Network Security : Experience in
secure SDLC, DevSecOps practices, vulnerability management, penetration testing tools (Burp Suite, Metasploit, Nessus, Qualys) . Cryptography & Data Protection : Understanding of
PKI, SSL/TLS, encryption protocols, key management, tokenization, and data masking . Governance, Risk & Compliance (GRC) : Familiarity with
ISO 27001, SOC 2, NIST CSF, COBIT, GDPR, HIPAA, PCI-DSS
frameworks. Incident Response & Forensics : Ability to manage
SIEM alerts, digital forensics, malware analysis , and lead response teams during breaches. Scripting & Automation : Knowledge of
Python, PowerShell, or Bash
for automating security operations and log analysis. Good to Have
Security certifications such as
CISSP, CISM, CISA, CEH, OSCP, CCSP, ISO 27001 Lead Implementer/Auditor . Experience in
Zero Trust Architecture
and
container security (Docker, Kubernetes) . Knowledge of
threat intelligence platforms and SOC automation (SOAR) .
#J-18808-Ljbffr
Develop, implement, and manage the organization's
information security strategy, policies, and procedures . Lead the design and enforcement of
security controls
to protect systems, networks, and data from cyber threats. Manage a team of security professionals, providing
technical guidance, mentoring, and performance management . Oversee
risk assessments, vulnerability management, penetration testing, and incident response . Ensure compliance with
regulatory requirements, industry standards, and frameworks
(e.g., ISO 27001, NIST, GDPR, PCI-DSS, HIPAA). Collaborate with IT, DevOps, and business teams to embed security into
application development and infrastructure design . Manage
security operations center (SOC) activities , including monitoring, threat detection, and escalation. Define, track, and report
security KPIs and risk metrics
to senior leadership. Evaluate, select, and implement
security tools and technologies
to strengthen organizational defenses. Lead security awareness and training programs to promote a
strong security culture . Required Technical Skills (Tough Skills)
Cybersecurity & Risk Management : Strong knowledge of
threat modeling, risk assessment methodologies, incident response frameworks , and
business continuity planning . Security Technologies : Hands-on expertise with
firewalls, IDS/IPS, SIEM (Splunk, QRadar, ELK), EDR/XDR, DLP, IAM, PAM solutions, WAF, and CASB . Cloud Security : Proficiency in securing workloads on
AWS, Azure, and GCP , including
IAM, KMS, Cloud Security Posture Management (CSPM) . Application & Network Security : Experience in
secure SDLC, DevSecOps practices, vulnerability management, penetration testing tools (Burp Suite, Metasploit, Nessus, Qualys) . Cryptography & Data Protection : Understanding of
PKI, SSL/TLS, encryption protocols, key management, tokenization, and data masking . Governance, Risk & Compliance (GRC) : Familiarity with
ISO 27001, SOC 2, NIST CSF, COBIT, GDPR, HIPAA, PCI-DSS
frameworks. Incident Response & Forensics : Ability to manage
SIEM alerts, digital forensics, malware analysis , and lead response teams during breaches. Scripting & Automation : Knowledge of
Python, PowerShell, or Bash
for automating security operations and log analysis. Good to Have
Security certifications such as
CISSP, CISM, CISA, CEH, OSCP, CCSP, ISO 27001 Lead Implementer/Auditor . Experience in
Zero Trust Architecture
and
container security (Docker, Kubernetes) . Knowledge of
threat intelligence platforms and SOC automation (SOAR) .
#J-18808-Ljbffr