This website uses cookies to improve service and provide more personalized services. By using this site, you agree to this use. You can change your cookie settings at any time. Further information on the purpose and use of the cookies used and how to remove them can be found in our Privacy Policy.

OK

Careers

Join us at
Credorax.

VP Information Security

Location: Sapir Street 6, Herzliya, Israel

We're always on the lookout for talented, dedicated, passionate professionals who will thrive in our fast-paced, exciting and international environment.

If you enjoy being a part of a team, yet know how to shine on your own, if you are inspired by the thought of helping to provide a NextGen service used by leading online businesses worldwide — you'll fit right in at Credorax.

Join us at Credorax, where great ideas are created, encouraged and rewarded. Share available positions and get credit for your referrals!

Description

As part of our continued growth, we're looking for a VP Information Security.

  • Be in charge of all information security program in Credorax group – globally
  • Define information security strategy, work plan, manuals & procedures regarding information security, and other security related aspects
  • Lead a team of security architects and specialists, including building the technical and methodological knowledge-base and internal training
  • Full responsibility and management of information security compliance programs – PCI-DSS, PCI PIN Security, SWIFT Security, and GDPR
  • Direct all projects, IT, sales, and business departments regarding both strategic and technical implementation of information security in systems and projects
  • Provide technical information security guidelines including low-level description, for systems based on Linux infrastructure, various network security layers (routers, firewalls, Intruders-Prevention Systems, Web-Application Firewalls) and lots of other open source platforms
  • Work closely with R&D teams, including providing application security guidelines, integrating with continuous development processes, and implementing automated and manual secure development lifecycle processes based on security code reviews, static and dynamic security tests, and threat modeling
  • Act as the “security CTO” of the company, participate in architecture design meetings with product, R&D, and TechOps teams mostly, provide security requirements to all relevant layers within the product (application, infrastructure, dataflow, and business process)
  • Work with legal department, mostly as a proxy who translates the legal requirements to the technical teams and vice versa
  • Conduct self AND 3rd party risk assessments and penetration tests to evaluate security risks, assessing their risk level - and provide mitigation plan and methods for risk reduction
  • In charge of all information security operations, including continuous monitoring, incident response, and awareness plan for all employees


Requirements

  • Minimum of 8 years experience in a combination of risk management, information security and information technology
  • At least 2 years as CISO in a small/medium size company OR at least 3 years as senior security leader in big size organization
  • Experience with PCI-DSS Level 1 certification
  • Knowledgeable of Information Security best practices and regulatory and compliance requirements that impact security globally
  • Experience of working with 3rd party risk assessments and penetration tests companies
  • Experience in working with CIO, COO and other IT leaders to develop overall IT security strategy in the context of the business strategy
  • Familiar with the principles and techniques of security risk analysis and must demonstrate the ability of implementing security processes and a security-aware culture
  • Experience with complex infrastructures and high-end technology
  • Experience with OS security (Linux and Windows)
  • Experience with database security, emphasizing Oracle, PostgreSQL, and MySql
  • Excellent English (both speaking and writing)
  • A “CAN DO” attitude and great interpersonal skills


Advantages:

  • Experience as a CISO in a financial company
  • Experience with GDPR compliance
  • Proven experience with incident response processes
  • Experience with application security
  • CISSP certification


Apply for this position