Information Security Officer in Sombra

Our Information Security department has been working for more than three years now. Weare looking for anew Lead tobring more technical background and strategic thinking tothe table. The processes and tools are established, soyou will beresponsible for adjusting them and establishing new ones asthe company and client requirements for InfoSec are growing. You will lead another InfoSec specialist.Requirements:5+years ofexperience inInfoSec;Understanding the principles ofIT infrastructure protection systems and network security (Fortinet experience would beanadvantage);Experience with IAM systems (experience with Microsoft Entra IDwould beanadvantage);Experience with Vulnerability management systems;Experience setting upSIEM ;Experience with CrowdStrike would beanadvantage;Experience configuring security policies for Google Workspace/Office 365 would beanadvantage;Knowledge ofcommon information security management frameworks, such asISO/IEC 27001 and NIST;Experience inpassing orconducting external audits;Understanding risk and incident management methodologies;Documentation writing skills;English Upper-Intermediate orhigher (written and spoken);Proficient communication skills;The ability toeffectively communicate, negotiate, and establish mutual understanding with diverse people.Responsibilities:Being responsible for the Information Security ofthe company;Developing and managing the security strategy;Meeting the InfoSec goals and KPIs;Coordination, support, and control for theIT security processes (ISO2700x);Leading projects toimplement and modernize the information security systems (NGAV, EDR, IAM, SIEM, WAF, etc.);Ensuring that the company’s tools can properly monitor security events from corporateIT systems, devices, applications, databases, and solutions while overseeing information security monitoring activities;Organizing and conducting penetration testing;Building ITasset management;Identifying risks and measures;Management ofincidents;Working daily with the company management toestablish information security ineach department (ability tohandle conflicting interests ofdepartments during the deployment ofinformation security measures );Organizing internal training oninformation security for employees (training, education, testing) ;Conducting internal audits oninformation security;Preparing the company for passing ISO 2700x and other audits;Managing another InfoSec specialist;Handling clients’ security inquiries;Taking part inpre-sales meetings with our clients toask questions and understand their needs inour cybersecurity services (AppSec, Pentesting, Security Consulting, and Managed Security Services);Help toprepare marketing materials and proposals for such clients;Interview security engineers who could fulfill client needs.What weoffer:Annual paid vacation of18working days.Extra vacation days for long-lasting cooperation.Annual paid illness of10days.Maternity\Paternity leave.The opportunity for sabbatical leave.Marriage and Parenthood Package.Compensation for sports activities (upto6000UAH\year).50% cost compensation for attending courses for self-development.Corporate doctor.Internal education(corporate library, Udemy courses).Career development plan.English and Spanish classes.Paying taxes and conducting private entrepreneurs.Technical equipment: laptop, mouse, keyboard, monitor.Internal Referral program.Opportunity totake part incompany volunteering activities.Technical community events.