Next job

Information Security Manager in Edvantis

Posted more than 30 days ago

2 views

Edvantis

Edvantis

0
0 reviews
Without experience
31 липня 2024 Information Security Manager Львів, за кордоном Our Company is looking for a proactive and experienced person who will be fully responsible for ISMS governance in all aspects as required by ISO/IEC 27001:2022 standards. Responsibilities: Maintain, improve, and develop security standards, policies, procedures, best practices, and pieces of training to continually elevate the protection of the Company’s people, assets, and reputation Oversee the dissemination of company

31 липня 2024

Information Security Manager

Львів, за кордоном

Our Company is looking for a proactive and experienced person who will be fully responsible for ISMS governance in all aspects as required by ISO/IEC 27001:2022 standards.

Responsibilities:

  • Maintain, improve, and develop security standards, policies, procedures, best practices, and pieces of training to continually elevate the protection of the Company’s people, assets, and reputation
  • Oversee the dissemination of company policies, standards, and procedures to Company’s employees and control employees’ awareness of the existing set of regulations
  • Conduct an annual information security risk assessment, document identified vulnerabilities, mitigating controls and residual risk(s)
  • Conduct threats and vulnerability assessments and determine required security measures and controls
  • Develop and handle Business Continuity / Disaster Recovery Planning
  • Organize and conduct internal and external audits of ISMS
  • Act as the initiator of the process of potential risk identification and their mitigation with responsible parties
  • Develop and deliver education and training programs on information security for employees, contractors, and third parties, and review the participants’ progress
  • Consult employees about security control measures implemented and used in the Company
  • Function as an internal consulting resource on information security issues for the business units
  • Serve as a main focal point for audit review and maintain a positive working alliance with auditors
  • Create and control security reporting (metrics, KPIs, security / CEO dashboard)
  • Detect, respond, investigate, and prevent cyber threats to the Company’s assets
  • Anticipate security alerts, incidents, and disasters and reduce their likelihood
  • Analyze security breaches to determine their root cause
  • Work with various stakeholders (internal and external) to track system and application security weaknesses from identification to risk acceptance
  • Use security systems (e.g., SIEM, MS365 security center, MS Azure security, vulnerability scanners, anti-virus, anti-malware, firewalls) to identify technical risks; reduce false positives
  • Handle information security exceptions
  • Perform risk assessments of non-standard software
  • Perform vulnerability and end-of-life monitoring
  • Perform vendor patching notification review, prioritization, and end-of-life monitoring
  • Plan, implement, and monitor security measures and controls
  • Play a leading role in the identification, analysis, evaluation, and optimization of security technologies
  • Lead projects and initiatives to design and verify the implementation of various information security controls
  • Establish, manage, and continuously improve governance, risk management, and compliance processes

Requirements:

  • Master’s degree in information security or similar
  • 2+ years of experience in information security in an IT company
  • ISMS implementation and governance according to ISO/IEC 27001 standard
  • Understanding of international and Ukrainian information security laws and standards
  • Knowledge of GRC framework
  • Understanding of information security controls in computer systems, media, and the Internet
  • Understanding of DR/BCP
  • Excellent project management and effective written and oral communication skills
  • Ability to work collaboratively with a broad range of constituencies
  • Demonstrated ability to identify security requirements and validate implementation of applicable controls
  • Strong analytical and conceptual skills balanced by a broad perspective on how security efforts support the realization of the business goals
  • Critical thinking and problem-solving skills
  • Planning and organizational skills
  • English level — Intermediate or higher

We offer:

  • Remote-first work model with flexible working hours (we provide all equipment)
  • Comfortable and fully equipped offices in Lviv and Rzeszów
  • Competitive compensation with regular performance reviews
  • 18 paid vacation days per year + all state holidays
  • 12 days of paid sick leave per year without a medical certificate + extra paid leave for blood donation
  • Medical insurance with an affordable family coverage option
  • Mental health program which includes free and confidential consultations with a psychologist
  • English and German language courses
  • Corporate subscription to learning platforms, regular meetups and webinars
  • Friendly team that values accountability, innovation, teamwork, and customer satisfaction
  • Inclusive environment where everyone feels valued and treated equally. We proudly partner with VeteranHub to support Ukrainian veterans
  • We are committed to supporting Ukraine and actively participate in charity initiatives

Without experience
Want to get related jobs?
New job openings in your Telegram
Subscribe
We use cookies
accept