Bestcomp Group

Information security auditor (İnformasiya təhlükəsizliyi auditoru)

Ə/h razılaşma ilə 2690
Tam iş günü
Bakı, Azərbaycan
24.01.25 - 24.02.25

İş haqqında məlumat

  • Conduct regular security audits of IT systems, networks, and applications to identify potential risks, vulnerabilities, and areas of non-compliance;
  • Evaluate the effectiveness of security controls, including firewalls, encryption protocols, access management, and intrusion detection systems;
  • Review and assess security policies and procedures to ensure they are up-to-date and aligned with industry standards (e.g., ISO/IEC 27001, NIST, GDPR, PCI DSS);
  • Assess and review access controls and user permissions to ensure appropriate levels of access are granted, and unauthorized access is prevented;
  • Collaborate with the teams to ensure the implementation of necessary security measures to mitigate identified risks;
  • Provide actionable recommendations to management for improving security posture and reducing risks;
  • Prepare and present audit reports, highlighting security issues, risks, and recommendations to senior management and relevant stakeholders;
  • Stay current with evolving cybersecurity threats, trends, and regulatory requirements to continuously improve security practices;
  • Conduct security awareness training sessions for employees and assist in fostering a culture of security awareness.

Tələblər

  • Diploma: Bachelor’s or master’s degree in computer science, Cybersecurity, Information Technology, or a related field;
  • Proven experience (2+ years) in related areas or similar role;
  • Strong understanding of information security principles and best practices, including risk management, security protocols, and regulatory requirements;
  • Experience with security frameworks and standards such as ISO/IEC 27001, NIST, PCI DSS, and GDPR;
  • Familiarity with network security, firewalls, encryption techniques, and intrusion detection systems;
  • Excellent analytical, problem-solving, and communication skills, with the ability to explain complex security issues in simple terms to non-technical stakeholders;
  • Ability to work independently and as part of a collaborative team;
  • Certification in information security auditing (e.g., CISA, CISM) or equivalent;
  • Language Skills;
  • Azerbaijani (required);
  • English (required);
  • Communication skills;
  • Analytical skills;
  • Detail oriented;
  • Cooperation and Teamwork;
  • Active learning skills;
  • Time management;
  • Problem solving skills;
  • Positive Attitude;
  • Strong Work Ethic.