BANK INVESTICIY ta ZAOSchADZhEN
Main responsibilities:Identification and analysis of information security risks within the framework of the Bank's risk management system.Assessment of information security risks, in terms of determining the probability of threat realization, effectiveness of information security measures and processes. Processing of information security risks, in terms of preparing and forming a plan of measures to minimize risks.Creating, maintaining and ensuring timely updating of the list of threats and vuln
Main responsibilities:
- Identification and analysis of information security risks within the framework of the Bank's risk management system.
- Assessment of information security risks, in terms of determining the probability of threat realization, effectiveness of information security measures and processes.
- Processing of information security risks, in terms of preparing and forming a plan of measures to minimize risks.
- Creating, maintaining and ensuring timely updating of the list of threats and vulnerabilities, the implementation of which is possible in the Bank.
- Developing metrics and measuring the effectiveness of information security processes.
- Summary of reporting and information on the functioning of information security processes for submission to management.
- Implementation methodological and regulatory support for the operation of information security processes, development and maintenance of the Bank's documents on information security issues.
- Participation in projects related to the implementation of information security measures and systems.
- Monitoring the Bank's employees' compliance with information security requirements.
- Preparation of training materials and knowledge level control materials, ensuring training and raising the awareness of Bank employees on information security issues security.
- Executing the functions of the secretary and managing the office of the Commission on the Bank's information security management system.
Requirements:
- Higher education in the field of information security, cyber security, information technologies.
- Confirmed work experience in a relevant position of 3 years or more.
- Availability of certifications for courses/training in the field of information security.
- In-depth knowledge of laws and regulations, international standards related to information security (ISO/IEC 27000 - ISO/IEC 27005), SWIFT CSP, regulations of the National Bank of Ukraine on matters of organization and provision information security, cyber protection, information security risk management.
- Practical experience in implementing and supporting the information security management system, conducting an information security risk assessment in the banking sector.