Information Security Manager

Job description / Role

Our team
You’ll be part of our Information Security team. We’re the first line of defence against hackers and security flaws that may impact our trading operations and global client base. We manage threats and potential security risks through smart strategies, airtight policies, meticulous communication, and technical execution.

About us
We’re Deriv.com. We’re all about trading. We’re the geeky upstarts who pioneered an industry. That was 20 years ago. We’re still going strong. More than a million traders from around the globe have trusted us with their money. We work across continents so traders can get trading simply, from anywhere, at any time and every time. Be part of something big. Join us.

Your role
As the Information Security Manager, you will lead your team in protecting our networks, computers, and data against cyber-attacks, computer viruses, security breaches, and any other threats. You will design, assess, and improve security plans to address existing vulnerabilities and keep our information systems functional and safe.

What you’ll do
• Build and deliver security controls to protect systems, critical infrastructure, and information assets.
• Create and oversee the execution of security policies, reporting templates, and security metrics that support business continuity and fulfil regulatory requirements.
• Lead team in performing high-quality security reviews, code audits, and penetration tests on web applications and production infrastructure.
• Manage acquisition and installation of new security systems (such as antivirus software, firewalls, intrusion detection systems) based on our evolving needs.
• Manage our bug bounty programme and external security vendors.
• Educate employees on security best practices and convey new vulnerabilities that may affect their work.

Requirements

What you have
• A university degree in computer science, information technology, or a related field
• 7+ years of experience in information security management
• Extensive experience in technical security, including in the design, configuration, and implementation of enterprise security systems
• Experience dealing with regulatory compliance as well as privacy and security laws
• Working experience in performing and overseeing security audits and penetration tests
• Recognised information security qualification (e.g. CompTIA Security+, SANS GIAC, CISSP, CISA, CISM)
• Knowledge of industry standards (e.g. ISO 27001, ISO 31000, PCI DSS, Cyber Essentials)
• Outstanding project management skills
• Excellent spoken and written English communication skills

What's good to have
• Willingness to relocate to Malaysia, to be based at our headquarters, if required.

What we’ll give you
• Exciting work challenges
• Cooperative work environment
• Career advancement opportunities
• Market-based salary
• Annual performance bonus
• Health benefits
• Casual dress code
• Travel and internet allowances

About the Company

We’re Deriv. We’re all about trading. We’re the geeky upstarts who pioneered an industry. That was more than 20 years ago, and we’re still going strong. Today, we work across continents and serve over a million traders from around the globe. Join us. Grow with us.