our companys Harmony SASE is looking for an Information Security Manager to join its staff.
This is a unique opportunity for you to work in the #1 worldwide Cyber Security Company, gain expertise and experience leading the information security program for the best of SASE (Secure Access Service Edge).
Key Responsibilities
As Information Security Manager you will:
Governance, Risk & Compliance
Lead and manage the Product Security team
Build, operate, and continuously improve the Harmony SASE Information Security Management System (ISMS), aligning policies, standards, and controls with our company and industry best practices.
Own the Harmony SASE compliance roadmap - lead and maintain certifications and attestations including ISO/IEC 27001, SOC 2 Type II, GDPR, IRAP and C5
Lead enterprise risk assessments and the third-party / vendor risk program, ensuring risks are identified, prioritized, and treated.
Coordinate internal and external audits, manage evidence collection, and remediate findings to closure.
Product & Application Security
Develop and implement a comprehensive AI - Secure Software Development Lifecycle (AI S-SDLC) framework, embedding security into every phase of the SDLC and CI/CD pipelines.
Conduct threat modeling and secure architecture reviews for new and existing Harmony SASE features, partnering with R&D to mitigate vulnerabilities by design.
Operate the application security tooling stack - ASPM, SAST, DAST, SCA, AI Security Scanning and secret scanning - at scale, and partner with development teams to drive findings to remediation while maintaining developer productivity.
Champion secure coding practices and OWASP Top 10 awareness across R&D.
Operational Security & Incident Response
Lead security incident response for Harmony SASE - preparedness, detection, containment, eradication, recovery, and lessons-learned - covering both product and information security incidents.
Oversee identity and access governance, ensuring least-privilege, segregation of duties, and access reviews across production and corporate environments.
Design and operate security automation to enhance the efficiency and coverage of security operations.
Security Culture & Enablement
Foster a culture of security awareness and continuous improvement; deliver targeted training for engineers, operations, and broader staff.
Lead responses to customer security questionnaires, RFPs, and due-diligence requests, representing Harmony SASEs security posture to customers and partners.
Stay current on the evolving Threats Landscape, regulations, and technologies, and translate them into pragmatic improvements to the security program.
Youll enjoy:
Interact with executives, managers, engineers across the company
Be the best security expert and knowledgeable you can imagine
Sharing your day with fun, passionate, brilliant people.
דרישות:
We are looking for you:
Bachelors degree in computer science, Information Security, or related field.
Minimum of 5 years of experience in information security or application/product security, with at least 2 year in a leadership role.
Proven experience building or operating an Information Security Management System (ISMS) and leading certifications such as ISO/IEC 27001 and SOC 2.
Working knowledge of GDPR, PCI-DSS, and NIST CSF / 800-53; familiarity with HIPAA, FedRAMP, DORA, Cyber Essentials, C5, IRAP, AI Security Frameworks and the Cloud Controls Matrix (CCM).
Hands-on experience with S-SDLC, threat modeling, and application security tooling such as ASPM, SAST, and DAST in complex, high-scale environments.
Strong understanding of risk management, third-party risk, identity and access governance, and incident response.
Excellent communication and leadership skills, with the ability and passion to drive change across R&D and the broader organization.
Reports to the Harmony SASE Head of Architecture (R&D Director) and partners closely with R&D, DevOps, IT, Legal, and the company Corp המשרה מיועדת לנשים ולגברים כאחד.