Security & Compliance Engineer
- Government organization
-
Elanın qoyulma tarixi: 13.10.2021Vakansiyaya müraciət tarixi bitmişdir.
İşin təsviri
Role and Responsibility:
• Designing audit procedures to assess IT security controls and meet audit objectives;
• Prepare audit reports, memoranda, and other documents; makes verbal presentations on audit findings/recommendations;
• Participation in the risk analysis process in the role of a technical expert;
• Develop and manage the continuous improvement of security controls;
• Ensure that security policy and security standards are implemented;
• Raising user awareness in technological areas;
• Provide operational incident support across a set of assigned technologies;
• Assist Information Asset Owners and other company teams to define and implement appropriate security recommendations;
• Involved in security breaches and threats, issue handling, and investigate violations when they occur;
• Communicate with peers and managers regarding security issues;
• Support all aspects of cyber security compliance under Risk Management Framework.
Qualifications:
• Required experience with ISO/IEC 27001 maintenance or another security compliance standard (SOC-2, NIST CSF, NIST 800-53, etc.);
• Certification to one or more or of the equivalent: CISSP, CISM, ISO/IEC 27001 lead implementer, ITIL;
• Minimum 2 years of relevant experience in an Information Security function;
• Be able to understand the controls and processes associated with other certification, legal, regulatory, and compliance security frameworks. For example, these include the General Data Protection Regulation (GDPR), Cyber Essentials, ISO-27001, SOC 2, NIST CSF, NIST 800-53;
• Qualified education degree relating to security of Information Systems and demonstrated knowledge and experience;
• Have professional curiosity and the ability to enable yourself in new technologies and tasks;
• Excellent verbal and written communication skills to be able to interact with technical and business counterparts;
• Familiarity with application and infrastructure vulnerabilities and encryption;
• Ability to handle multiple complex tasks in a dynamic environment with tight deadlines concurrently;
• Good English level, additional languages will be a plus;
• Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
Interested candidates are welcome to send their CV’s by the subject “Security & Compliance Engineer” to the following email address: [email protected]
Government organization tərəfindən digər vakansiyalar
