At arenaflex, we're committed to fostering a culture of innovation, collaboration, and excellence. As a leading player in the private sector, we're constantly pushing the boundaries of what's possible in the world of finance and technology. Our Global Risk and Compliance (GRC) team is at the forefront of this effort, working tirelessly to ensure that our organization operates with the highest level of integrity and transparency.
In a world where digitalization and technological advancements are transforming the way we live and work, the importance of information security cannot be overstated. Cyber threats are becoming increasingly sophisticated, and the stakes are higher than ever. That's why we're seeking an exceptional Information Security Manager to join our second-line risk management team. This is an incredible opportunity to work with a talented group of professionals who are shaping the future of information security and risk governance at arenaflex.
**About the Role**
As an Information Security Manager, you'll be responsible for providing independent, proactive risk management and oversight of information security, network security, and business continuity management risks across the organization. You'll work closely with key stakeholders across lines of business and lines of defense to ensure that risks are managed effectively and efficiently in accordance with arenaflex's policies and regulatory requirements.
**Key Responsibilities**
* Conduct independent, proactive risk management and oversight of information security, network security, and business continuity management risks across the organization
* Perform data-driven audits focused on information security processes, network security controls, and business continuity management risks
* Lead exploratory data analysis on large datasets using SQL, Python, and Excel to develop meaningful insights on network security and information-related data
* Create and update data-driven key risk indicators (KRIs) and key performance indicators (KPIs) that provide real-time insights into risk and performance patterns
* Stay up-to-date with relevant regulations, standards, and industry best practices
* Support the development of a comprehensive information security risk management program that defines the scope and integration with other risk management programs, including IT risk self-assessments, business continuity management, new product approvals, mergers and acquisitions, etc.
**Essential Qualifications**
* Bachelor's degree in a relevant field (e.g., computer science, data systems)
* 5+ years of experience in risk management across any of the three lines of defense
* Proven ability to identify risks, analyze issues, and determine significant insights about risk patterns by conducting interviews and examining large volumes of data
* Strong knowledge of frameworks, cloud security, digital intelligence, and digital incident response
* Excellent analytical skills with high accuracy and attention to detail
* Strong knowledge of at least one data mining/ large data analytics tool (e.g., Microsoft Excel: PowerPivot, SQL, SAS, Python, R)
* Excellent decision-making and critical thinking skills
* Self-starter with minimal management required
* Strong verbal, written, and interpersonal skills
* Ability to challenge conventional thinking by effectively engaging in constructive dialogue
**Preferred Qualifications**
* Educational background: Software engineering or Data Systems
* Experience in risk management across network security, data innovation, outsourcing, business continuity management
* Industry certifications (e.g., CISM, CISA, CRISC, CISSP)
* Cloud security certifications (e.g., CCSK, CompTIA Cloud +, CCSP, Purple Security, etc.)
* Understanding of risk assessment methodologies, frameworks, and industry standards (e.g., COSO, COBIT, ISO 27001, FAIR or NIST RMF)
* Knowledge of significant regulations and guidelines (e.g., OCC Enhanced Principles, FFIEC IT booklets)
* Experience with Governance, Risk, and Compliance (GRC) tools (e.g., Bowler)
**What We Offer**
* Competitive salary and benefits package
* Opportunities for career growth and professional development
* Collaborative and dynamic work environment
* Recognition and rewards for outstanding performance
* Access to cutting-edge technology and tools
* Flexible work arrangements and remote work options
**How to Apply**
If you're a motivated and experienced professional looking for a new challenge, we encourage you to apply for this exciting opportunity. Please submit your resume and a cover letter outlining your qualifications and experience. We can't wait to hear from you!