The Manager, Infrastructure Security will be responsible for ensuring the security, compliance and resilience of the organisation's IT infrastructure. This role is an individual contributor position that requires hands-on technical expertise in infrastructure security management, compliance frameworks (including PCI DSS 4.0), and operational security processes. The individual will work closely with IT custodians, risk management, and internal stakeholders to maintain a strong security posture.
- Establish, maintain, and periodically review standard operating procedures (SOPs) for business-as-usual (BAU) infrastructure security management.
- Ensure security policies and standards are consistently implemented across on-premises, cloud, and hybrid platforms.
- Establish and maintain processes aligned with PCI DSS 4.0 requirements to support ongoing compliance readiness.
- Maintain and continuously improve processes and documentation related to infrastructure security.
- Perform firewall rule reviews on a periodic basis, ensuring compliance with security policies and risk tolerance.
- Monitor, track and follow up on remediation of security findings from internal network vulnerability assessments (NVA).
- Manage Data Loss Prevention (DLP) exception requests and ensure proper governance and approval workflows.
- Oversee the execution of internal NVA and wireless penetration tests, including triage and remediation coordination.
- Ensure timely dissemination of Cyber Threat Intelligence (CTI) to IT custodians for risk assessment and action.
- Coordinate and support cyber insurance review and renewal processes, providing relevant security documentation and updates.
- Prepare, track, and manage monthly infrastructure security KPI reports for management and stakeholders.
We are looking for people who
- Bachelor's degree in Information Security, Computer Science, or related field.
- 7+ years of IT security experience, with at least 4 years in infrastructure security within financial industries.
- Professional cybersecurity certifications such as CISSP, CISM, CISA, or CCSP are preferred.
- Strong knowledge of firewall technologies, vulnerability management, and DLP tools.
- Experience with PCI DSS 4.0 compliance and other financial industry regulatory requirements.
- Familiarity with threat intelligence, cyber insurance, and IT risk management practices.
