Information Security Manager
⚲ Budapest
16 738 - 26 303 PLN (PERMANENT)
Wymagania
- Cloud security
- Microsoft Azure
- MFA
- RBAC
- Windows
- Linux
- Microsoft Defender
- Firewall
- VPN
- ISO 27001
- NIST
- CISSP (nice to have)
- CISM (nice to have)
- ISO 27001 Lead Implementer/Auditor (nice to have)
- Elastic SIEM (nice to have)
- PowerShell (nice to have)
- Python (nice to have)
Opis stanowiska
O projekcie:
Location: Budapest
Reports to: CISO
Overview of the Position
The Information Security Manager is responsible for overseeing day-to-day security operations, maintaining and improving the organization’s security posture, and supporting governance, risk, and compliance activities. The role works closely with IT and business stakeholders and may evolve into a senior security leadership position.
This role is critical in ensuring that the company maintains a strong, credible, and scalable security posture aligned with the advanced cybersecurity services it delivers to clients. The Information Security Manager safeguards internal systems, data, and intellectual property, while establishing and operating effective security controls across cloud and on-prem infrastructures, endpoints, and business processes.
Why Join PCA Cyber Security
PCA Cyber Security is an innovative and rapidly growing leader in the cybersecurity space, trusted by top-tier clients across critical industries such as financial services, industrial OT, and automotive. Our cutting-edge solutions are designed to address the most complex security challenges in today’s dynamic threat landscape.
We offer a dynamic and inclusive culture, competitive compensation, and ample opportunities for professional growth.
Wymagania:
Required skills:
- Cloud Security: Microsoft Azure, Microsoft 365 security (Defender, Entra ID).- Identity & Access Management: MFA, RBAC, Conditional Access.- Operating Systems: Windows, Linux hardening and administration basics.- Endpoint Security: EDR/XDR solutions (e.g., Microsoft Defender).- Backup & Recovery: Backup solutions, disaster recovery planning, ransomware resilience.- Networking Basics: Firewalls, VPNs, segmentation, secure protocols.- Security Tools: vulnerability scanners, log analysis.- Standards & Frameworks: ISO 27001, NIST.
Nice to have:
- Certifications (CISSP, CISM, ISO 27001 Lead Implementer/Auditor).- Experience in audit coordination.- Experience with Elastic SIEM stack.- Scripting/automation (PowerShell, Python).
Codzienne zadania:
- Monitor security events and alerts.
- Lead and coordinate incident response activities.
- Investigate and resolve security incidents.
- Maintain incident response procedures and playbooks.
- Secure and monitor Microsoft 365 cloud environments.
- Implement and manage identity and access controls.
- Work with IT on securing operating systems (Windows/Linux) and endpoints.
- Oversee backup and recovery strategies, ensuring protection against ransomware and data loss.
- Support secure configuration of networks, servers, and cloud services.
- Support the maintain and improvement of security policies, standards, and procedures.
- Support internal and external audits (TISAX, ISO 27001).
- Conduct internal security assessments and risk analyses.
- Track remediation activities and risk treatment plans.
- Work closely with IT on secure system design and operations.
- Ensure security controls are embedded in infrastructure and projects.
- Provide guidance on security best practices.
- Oversee vulnerability management and remediation.
- Recommend and implement security improvements.
- Track KPIs and report on security posture.
- Lead security awareness initiatives.
- Promote a security-first culture across the organization.
Location: Budapest
Reports to: CISO
Overview of the Position
The Information Security Manager is responsible for overseeing day-to-day security operations, maintaining and improving the organization’s security posture, and supporting governance, risk, and compliance activities. The role works closely with IT and business stakeholders and may evolve into a senior security leadership position.
This role is critical in ensuring that the company maintains a strong, credible, and scalable security posture aligned with the advanced cybersecurity services it delivers to clients. The Information Security Manager safeguards internal systems, data, and intellectual property, while establishing and operating effective security controls across cloud and on-prem infrastructures, endpoints, and business processes.
Why Join PCA Cyber Security
PCA Cyber Security is an innovative and rapidly growing leader in the cybersecurity space, trusted by top-tier clients across critical industries such as financial services, industrial OT, and automotive. Our cutting-edge solutions are designed to address the most complex security challenges in today’s dynamic threat landscape.
We offer a dynamic and inclusive culture, competitive compensation, and ample opportunities for professional growth.
Wymagania:
Required skills:
- Cloud Security: Microsoft Azure, Microsoft 365 security (Defender, Entra ID).- Identity & Access Management: MFA, RBAC, Conditional Access.- Operating Systems: Windows, Linux hardening and administration basics.- Endpoint Security: EDR/XDR solutions (e.g., Microsoft Defender).- Backup & Recovery: Backup solutions, disaster recovery planning, ransomware resilience.- Networking Basics: Firewalls, VPNs, segmentation, secure protocols.- Security Tools: vulnerability scanners, log analysis.- Standards & Frameworks: ISO 27001, NIST.
Nice to have:
- Certifications (CISSP, CISM, ISO 27001 Lead Implementer/Auditor).- Experience in audit coordination.- Experience with Elastic SIEM stack.- Scripting/automation (PowerShell, Python).
Codzienne zadania:
- Monitor security events and alerts.
- Lead and coordinate incident response activities.
- Investigate and resolve security incidents.
- Maintain incident response procedures and playbooks.
- Secure and monitor Microsoft 365 cloud environments.
- Implement and manage identity and access controls.
- Work with IT on securing operating systems (Windows/Linux) and endpoints.
- Oversee backup and recovery strategies, ensuring protection against ransomware and data loss.
- Support secure configuration of networks, servers, and cloud services.
- Support the maintain and improvement of security policies, standards, and procedures.
- Support internal and external audits (TISAX, ISO 27001).
- Conduct internal security assessments and risk analyses.
- Track remediation activities and risk treatment plans.
- Work closely with IT on secure system design and operations.
- Ensure security controls are embedded in infrastructure and projects.
- Provide guidance on security best practices.
- Oversee vulnerability management and remediation.
- Recommend and implement security improvements.
- Track KPIs and report on security posture.
- Lead security awareness initiatives.
- Promote a security-first culture across the organization.
🔍 Dekoder Ogłoszenia
🔴
may evolve into a senior security leadership position
Obecnie nie jest to stanowisko seniorskie, a potencjalny rozwój zależy od wielu czynników i może nie nastąpić.
🔴
advanced cybersecurity services it delivers to clients
Firma oferuje zaawansowane usługi, co może oznaczać wysokie oczekiwania wobec umiejętności i wiedzy pracownika w tym obszarze.
🟡
dynamic and inclusive culture
Może oznaczać zarówno pozytywną atmosferę, jak i potencjalnie chaotyczne środowisko pracy z częstymi zmianami.
🟡
ample opportunities for professional growth
Może oznaczać rzeczywiste możliwości rozwoju, ale też po prostu standardową ofertę szkoleń i awansów, które są powszechne w branży.