Manager, Information Security

Join to apply for the  Manager, Information Security  role at  Samsung Electronics .

At Samsung Electronics Canada, we take pride in the creativity and diversity of our talented people – they are at the front of everything we do. They drive our continued success. We want the best of the best to join our team, not just those who fit into our culture but those who will add to it.

Position Summary
The Manager, Information Security will play a key role in our company, working closely with IT and Business to help align security goals with business objectives. This role will also help in the implementation and maintenance of various security solutions; ensuring effective integration while managing day‑to‑day operations. The role oversees the flow of all Strategic Project Information (samples, specs, design, S/W, etc.)

for Security Projects, including security protocols and approvals for both Samsung employees and third party providers.

Role And Responsibilities

Strategic Project Information Management

Ensure security protocols such as NDA and training are completed prior to project initiation.

Determine asset access authorization for internal and external entities.

Conduct security training for internal employees and agency partners.

Prepare security and clean‑room checklists, printing requirements, etc., before every strategic project kick‑off.

Review exception requests and identify compensating controls before approval.

Review and approve access to Samsung’s FTP solution for both internal employees and agencies; establish a secure access management process.

Manage vulnerability remediation and firewall requests by coordinating with Samsung Security teams.

Keep records of all access and ensure only employees part of the project have access.

Conduct investigation in the event of a security incident and report to Information Assurance group.

Security Projects

Oversee deployment, configuration, and ongoing administration of security tools such as SIEM, EDR, DLP, CASB, and password manager solutions.

Configure and manage DLP/EDR policies as per security standard.

Manage Splunk, ensuring CIM compliancy, collaborating with system owners, correcting any logging issues, managing or creating SOPs and design documents, creating dashboards, and optimizing searches.

Work with Splunk engineers to ensure all data is CIM compliant.

Assist in proper operation and performance of Splunk, search heads, and data models.

Security Assessment, Monitoring, Reporting and Auditing

Monitor and analyze logs from various systems using Splunk SIEM.

Identify, investigate, and respond to security incidents.

Monitor, collect, analyze endpoint activity in EDR that could indicate a threat and respond, including notifying security personnel.

Use forensics and analysis tools to research identified threats and search for suspicious activities.

Monitor data transfer, implement security measures, and conduct risk assessments to identify vulnerabilities in DLP.

Develop ongoing technology risk reporting, monitor key trends and define metrics to measure control effectiveness; ensure visibility and awareness of vulnerabilities with the company’s internal and external IT systems.

Perform security assessment for cloud deployments and services.

Conduct regular vulnerability assessments and risk analysis.

Oversee and audit installation and operation of security equipment and facilities to comply with the company’s information security policy.

Provide technical guidance and support to other IT and Security team members.

Review and manage ongoing assessment of firewalls, web proxies, SIEM, Wi‑Fi networks, vulnerability assessments and other network component policies.

Oversee third‑party security and compliance audits and any resulting remediation actions.

Ensure security compliance with policies and laws.

Training/awareness/communication/testing – e.g., KnowBe4 Platform Management, monthly newsletters.

Stay informed about emerging security threats and recommend appropriate countermeasures.

Requirements

Education

Bachelor’s degree in Computer Science, Information Systems, or equivalent field.

Knowledge

Knowledge of risk management, security architecture, threat modelling,…