IT Enterprise Security Manager

 The IT Enterprise Security Manager is a pivotal role responsible for establishing, implementing, and managing Transmed's overall information security strategy, governance, and operations. This role acts as the principal security technical guide to the CIO and senior management on all matters relating to enterprise security risks, compliance, protection and prevention.

The manager will lead the Information Security function, including the mentorship and direction of the associated team members, ensuring the effective execution of all security initiatives to safeguard Transmed’s data, systems, and infrastructure against evolving cyber threats.

Key Competencies & Skills:

• Lead, develop, implement, and maintain a comprehensive, multi-year information security strategy aligned with Transmed's business objectives and risk tolerance.

• Establish and enforce a robust security governance framework, including policies, standards, and procedures, ensuring alignment with industry best practices (e.g., ISO 27001, NIST, etc.) and regulatory requirements.

• Own the Transmed enterprise-wide security risk management program. Direct and oversee continuous risk assessments, vulnerability management, and penetration testing, ensuring effective mitigation strategies are implemented.

• Manage the IT security budget, including strategic planning, cost control, and the evaluation and selection of necessary security tools, technologies, and third-party vendors.

• Prepare and present business and executive-level security reports, risk posture updates, and business-value summaries.

• Lead, mentor, and develop the IT Security team, including direct management of the IT Security Lead and related personnel. Set performance objectives and foster a culture of high performance and continuous learning.

• Oversee and ensure the successful execution of the day-to-day security operations, including Incident Response, SIEM, and Security Monitoring activities.

• Identity and Access Management (IAM) processes and enforcement. Vulnerability/Patch Management and End-point Protection deployment. Network security controls (Firewalls, IDS/IPS) configuration and monitoring.

• Maintain, test, and lead the organization’s high-level incident response and disaster recovery plan. Oversee forensic investigations and post-incident reviews to continuously improve response capabilities.

• Ensure Transmed’s security posture complies with all applicable national, international, and industry-specific regulations and data privacy laws.

• Coordinate and serve as the primary point of contact for external and internal security audits and assessments. Drive the implementation of recommended corrective actions to enhance the security posture.
• Lead, design, implement, and champion an enterprise-wide security awareness and training program for all employees in collaboration with HR and Communications, promoting a strong, security-conscious culture.
  
  
• Perform other relevant duties as required by the Transmed business needs and priorities

Academic Education & Professional Certifications:

• Bachelor’s or Master’s degree in Information Security, Cybersecurity, Computer Science, Information Systems, or a related discipline.
• 10+ years of progressive experience in Information Security, with at least 5 years in a management role overseeing enterprise security operations.
• Preferred Certifications: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP), or relevant risk management certifications.
• English proficiency is a must.

Operational & Managerial Experience:

• Proven ability to communicate complex security risks and technical issues clearly and concisely to non-technical executive stakeholders.
• Strong analytical and strategic planning skills with the ability to define long-term security roadmaps and manage strategic security initiatives
• Experience in project management, managing deliverables and milestones, on time, within budget, and quality performance in meeting business needs.
• Demonstrated experience in building, coaching, and managing high-performing security teams.
• Experience within the FMCG or Distribution industry, understanding the relevant business processes and security challenges is preferred.

Technical Skills & Knowledge:

• Proven expertise in infrastructure security, cloud security, network security, operating system security, and applications security.
• Strong experience in vulnerability assessment and penetration testing, encryption and cryptography
• Expert knowledge across various security domains to include Governance, Risk & Compliance (GRC), Cloud Security (AWS, Azure, OCI, or GCP), Infrastructure and Applications Security.
• Experience in incident response and forensics.

Language Skills

• Fluency in English

Other Requirements

• Flexibility to Travel