Information security specialist (İnformasiya Təhlükəsizliyi mütəxəssisi)
Ə/h razılaşma ilə
70
Tam iş günü
Bakı,
Azərbaycan
28.08.24
-
27.09.24
İş haqqında məlumat
- Creating an information security plan, determining its budget, prioritizing, managing and monitoring information security projects;
- Establishing, revising and updating information security policies, standards, procedures and instructions when necessary;
- Ensuring the continuity of ISO 27001 Information Security Management System, coordinating the work of the Information Security Committee and following the actions;
- Establishing asset inventories, determining asset values, analyzing information security risks, determining and monitoring risk reducing activities;
- Analysis of legal requirements related to information security, determination of actions, ensuring coordination with relevant teams and monitoring compliance, integrating information security requirements with organizational processes;
- Providing security risk analysis in requests and projects, defining and monitoring security requirements, providing consultancy and support to business units on information security issues;
- Performing risk analysis for suppliers, monitoring actions, specifying information security requirements in external party contracts;
- Involving new systems and applications in the selection and installation processes, determining the security policies to be applied;
- Performing project security analyses, determining project security requirements, monitoring and tracking that the requirements are met;
- Performing cloud computing security analyses, determining cloud security requirements, preparing information notes on risk analysis results, monitoring and tracking that security requirements are met;
- Planning, performing and determining actions for clean desk clean screen policy compliance audits;
- Performing information security audits, monitoring of findings and actions, planning and reporting of corrective and preventive actions.
Tələblər
- Bachelor degree in Information Security, Engineering Faculties (Computer, Electronics, Industry, etc.) or Mathematics, Physics etc;
- 5-8 years of experience in related field;
- ISO/IEC 27001 information Security Management System;
- ISO/IEC 27001, NIST Cybersecurity Framework, and GDPR Compliance Requirements;
- Policy & Procedure Development for Information Security;
- External Parties and Supplier Risk Analyses;
- Information Security Requirements Analysis in Projects;
- Cloud Computing Information Security Controls, Cloud Security Standards and Frameworks;
- Information Security Awareness and Training Management;
- Information Security Asset and Risk Management;
- Preparation of Phishing Scenarios & Simulation Tests;
- Clean Desk Clean Screen Compatibility Audits;
- Advanced level of English.
İnformasiya texnologiyaları
İKT
