The position has been closed by the company
Find similar jobs
Next job

Information Security Consultant / Auditor in Cossack Labs

Posted more than 30 days ago

2 views

Cossack Labs

Cossack Labs

0
0 reviews
Without experience
lviv
Information Security Consultant / Auditor Київ, Львів This vacancy is only for Ukrainian residents within Ukraine. Weinvite anexperienced Information Security Consultant/ Auditor tojoin our team. This position might beagood fit ifyou are interested inanalysing and improving information security processes inmodern technological companies. Weare adata security solutions company, our solutions are well-known amongst security-aware teams worldwide and popular for easily solving complicated secur
Information Security Consultant / Auditor Київ, Львів This vacancy is only for Ukrainian residents within Ukraine. Weinvite anexperienced Information Security Consultant/ Auditor tojoin our team. This position might beagood fit ifyou are interested inanalysing and improving information security processes inmodern technological companies. Weare adata security solutions company, our solutions are well-known amongst security-aware teams worldwide and popular for easily solving complicated security challenges. Apart from building “off-the-shelf” solutions, wedesign custom security controls for novel problems and handle mission-critical, multi-app, multi-platform distributed systems, addressing serious issues inthe world aroundus. Wework inthe B2B space, with customers such aspower grid operators, payment processors, legal companies, and million-user customer applications. Responsibilities: Understand the cybersecurity posture oftechnological organisations and guide them towards improvements. Lead internal cybersecurity programme (improving our security posture) aswell asguide our clients. Conduct risk assessment and gap analysis forus and our clients: analyse risk posture, define sensitive assets, describe top risks &threats, identify gaps insecurity controls coverage, suggest missing controls and policies. Think NIST RMF, NIST SP800-53. Outline organisation-wide and product-wide security roadmaps and plans. Select and insist onsecurity controls that would mitigate high-priority risks (NIST SP800-53). Design and draft security policies, procedures, standards and controls inline with regulations and/or relevant standards. Think ISO27K, NIST CSF, SOC 2. Assess software engineering processes and suggest improvements based onOWASP SAMM. Maintain and review ISMS documentation, suggest improvements. Maintain control documentation for relevant risk areas and business/technology processes. Requirements: 5+years ofexperience working asarisk &compliance auditor, information security officer, cybersecurity consultant, orinasimilar role. Sound understanding ofindustry standards incybersecurity (NIST, ISO, ITIL, ISF). Strong understanding ofsecurity and information security controls: which ones solve which problems. Good understanding ofindustry standards inprivacy (GDPR, ISO 27018). Advanced knowledge ofIT general controls (security, change management, disaster backup recovery, data centre, infrastructure, etc.), andIT governance processes (ITIL). Bachelor’s orMaster’s degree inComputer Science, Cybersecurity, ITAuditing, Information Systems. Upper-intermediate English, written and spoken. Ability towork independently and aspart ofateam inafast-paced environment. Nice tohave: In-depth technical understanding ofinformation security, IoT and hardware, systems engineering, infrastructure, etc. Understanding ofhow large distributed systems are built orhow they work. Think power plant control systems atcountry-scale. Desire towork onextremely innovative projects. Experience working inamulticultural context. Hiring Process: Test task Introduction call Technical interview Offer What’s initfor you? Competitive compensationHybrid work model: this position allows for acombination ofin-office and remote work asneeded Paid vacation— 21business days per year Paid sick leaves Combining technologies: cryptography, software engineering, information security Conferences, books, and courses ifneeded.
Without experience
lviv
Want to get related jobs?
New job openings in your Telegram
Subscribe
We use cookies
accept