EXPLORE PREMIER
OPPORTUNITIES

Information Security Manager

Forter

Saas

501-1000

New York, NY, USA

About the job

Overview:

About the role:
We are looking for a motivated, energetic and experienced Information Security Manager (ISM) to be part of our information security journey and take the lead in the security GRC and awareness domains. Take ownership of your domain and oversee information security through the development of policies, training initiatives, establishment of vendor security assurance, advancement of company awareness, and the development of Forter’s security and privacy compliance certificates and audits.
As a key role within the Information Security team, the ISM position requires a working knowledge of information security systems and technologies. The ISM will proactively work with all teams and departments to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of security-related risk management activities.
The ISM will serve within the Governance, Risk, and Compliance (GRC) team as the process owners of GRC activities related to the availability, integrity and confidentiality of customers, business partners/vendors, employees, and business information in compliance with the organization's information security policies. The ISM must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
Why should you join us?
As an Information Security Manager, you play a crucial role in safeguarding Forter’s assets, including its data, reputation, and customer trust, and you'll serve as the front line of defense against security threats.
As a proactive ISM team member at Forter, you will undertake a range of tasks, such as overseeing security and governance programs, performing vulnerability assessments, and spearheading diverse projects and initiatives aimed at bolstering the company's security posture. This assortment ensures the role remains engaging and offers ample opportunities for skill diversification and growth.
Being part of the Infosec team at Forter requires continuous learning and staying up-to-date with the latest threats, Information Security approaches and technologies.
This is a great place to grow and take your career to the next level.
What you will be doing:

Manage Forter’s GRC program, ensuring compliance with SOC2, ISO 27001/27701 and PCI-DSS, while enhancing process efficiency through the implementation of automation.
Review, update, and create policies and procedures to ensure alignment with customer requirements, certifications, and regulations.
Respond to security questions and questionnaires from company prospects and customers, providing support for company operations.
Conduct routine internal security reviews.
Manage information security risk activities, including conducting annual risk assessments, performing root cause analysis, and overseeing remediation activities.
Lead the vendor security program - Assess the security and compliance of Forter’s vendors.
Responsible for the security awareness program, conducting training sessions, quizzes, and drills.
Continuously enhance the security standard of Forter solutions by developing / implementing open-source / third-party tools to assist in detection, prevention and analysis of security threats, manage internal and external pen testing and test security products and evaluate them.
Provide technical answers and assist sales teams with RFPs / RFIs / RFQs and sales efforts.

What you’ll need?

5+ years working in a relevant security role.
Proven project management capabilities in GRC & Awareness domains, including planning and execution.
Knowledge of risk assessment industry best practice frameworks and methods and ability to independently lead risk remediations across the organization with minimal supervision.
Ability to effectively communicate security needs and business requirements to stakeholders.
Proven experience with common information security management frameworks, such as ISO27001 / SOC2 / PCI-DSS or similar.
Proficiency in performing business impact analysis, vulnerability assessments, and in defining treatment strategies.
Knowledge of and experience in developing and maintaining policies, procedures, standards and guidelines., documenting security architecture and plans (including project plans).
Extensive knowledge of various threats and vulnerabilities (DDOS, Social engineering hacking forms, etc.).
Great verbal and written communication skills, Hebrew and English.
Ability to work with cross-functional teams.

It’d be cool if you also: [NOT A MUST]

Experience in AWS Cloud Security.
Industry security certifications, relevant security education, or courses.
Excellent interpersonal, writing and communication skills.

About us:
Digital commerce is built on trust. At every point along the eCommerce journey, businesses must make a critical decision: Can I trust this customer? Answering this simple question accurately and instantly is powerful—it can accelerate revenue growth and strengthen a company’s connection with its customers. How do we do it? Forter was founded on the insight that it's not about what is being purchased, nor where— but who is behind the interaction.
The Forter Decision Engine finds patterns across more than one billion identities in our dataset. We isolate fraudsters and protect customers—ensuring everyone gets the experience they deserve.  Given that trust is central to how we operate, Forter is very much driven by a defined set of values. We attract remarkable talent and have retention and engagement levels that are well above benchmarks. We’re meticulous about strengthening our culture as we grow and ensuring this is an environment where people can have outsized impact.
Trust is backed by data –  Forter is a recipient of over 10 workplace and innovation awards, including:

Great Place to Work Certification (2021, 2022, 2023)
Fortune’s Best Workplaces in NYC (2022)
#3 on Fast Company’s list of “Most Innovative Finance Companies” (2022)
Forbes Cloud 100 (2021, 2022)
SAP Pinnacle Awards “New Partner Application Award” (2023)
Fintech Breakthrough Awards – Best Fraud Prevention Platform (2023)

Life as a Forterian:
We are a team of over 500 Forterians spread across 3 different continents. Since 2013, we've raised $525 million from investors such as Tiger Global, Bessemer, Sequoia Capital, March Capital and Salesforce Ventures. We're on a mission to bring trust to global digital commerce so that companies like Nordstrom, Priceline, Instacart and ASOS can block fraud, drive revenue and improve customer experience.
At Forter, we believe unique people create unique ideas, and valuable experience comes in many forms. So, even if your background doesn't match everything we have listed in the job description, we still encourage you to apply and tell us why your skills and values could be an asset to us. By welcoming different perspectives, we grow together as humans and as a company.
Forter is an Equal Employment Opportunity employer that will consider all qualified applicants, regardless of race, color, religion, gender, sexual orientation, marital status, gender identity or expression, national origin, genetics, age, disability status, protected veteran status, or any other characteristic protected by applicable law.
If you need assistance or an accommodation due to a disability, please email us at interviewaccommodation@forter.com. This information will be treated as confidential and used only for the purpose of determining an appropriate accommodation for the interview process.