ELEKS Security Department is looking for Senior Information Security Consultant in all our Offices
Senior Information Security Consultant is responsible for providing subject matter expertise in information security solutions, designs and assessments across the company; balance business priorities, information security risks, and security best practice to ensure confidentiality, integrity, and availability of organization’s assets.
- Perform risk assessments and security audits.
- Evaluate the efficiency, effectiveness and compliance of operation processes with corporate security policies and related security regulations.
- Review or interview personnel to establish security risks and complications.
- Determine the most effective way to protect organization’s assets against possible attacks. Develop rigorous “best practice” recommendations to improve security on all levels.
- Define, implement, ensure and maintain corporate security policies.
- Create and execute awareness program.
- Perform periodic security reporting (both: executive and technical).
- Collaborate with departments to improve security compliance, manage risk and bolster effectiveness.
- Respond to security-related incidents and provide a thorough post-event analysis.
- Participate in customer information security compliance process. Identify and satisfy customer requirements related to information security.
- Define and apply secure coding guidelines and standards.
- Research security vendors, standards, security systems and solutions.
- Prepare cost estimates and identify integration issues.
- Provide technical supervision for (and guidance to) a corporate security team.
- Provide subject matter expertise in information security for internal / external requests.
- Manage the identity and access provisioning lifecycle.
- Participate in Business Continuity / Disaster Recovery planning and exercises.
- Work as a team member performing any and all functions necessary for the successful operation of the Corporate Security department.
- 5+ years of experience in information security.
- 3+ years of managerial experience.
- Certification: CISSP, CISM, CEH, CISA, ISO 27001 LA will be a significant advantage.
- Critical thinking and problem-solving skills.
- Planning and organizational skills.
- Strong project management, written and oral communications skills.
- Ability to work close with a broad range of stakeholders.
- Preferably technical university degree (information or cyber security, computer science etc.).
- English – upper-intermediate or higher.
- Experience in developing / maintaining ISMS.
- Knowledge of security frameworks / standards (e.g. ISO 27001, SOC2, NIST, HIPAA, PCI DSS, GDPR, ITIL, Cobit etc.).
- Ability to conduct readiness / gap assessments, provide recommendations.
- Understanding of international information security laws / regulations.
- Understanding of GRC framework.
- Understanding of secure coding practices, ethical hacking, threat modeling, secure SDLC process.
- Understanding of DR / BCP.
- Experience in defining security requirements as well as evaluating and selecting appropriate information security controls.
- Understanding of IT and information security trends, challenges.
- Knowledge of security vendors, systems and solutions.
- Ability to deal with incomplete, poorly defined or undocumented requirements.
- Analytical mind set.
- Initiative and proactive.
- Responsible and reliable.
- Ability to work in a team and as an individual.
- Process- and result-oriented vision.
What will you get with ELEKS:
- Compensation and competitive Social package
- Challenging tasks and R&D activities
- Professional development
- Team of professionals
- Dynamic environment with low level of bureaucracy
ELEKS is a custom software development company. We deliver value to our clients, thanks to our expertise and experience gained from working as a software innovation partner since 1991.
Our 1,400+ professionals located in the Delivery Centers across Eastern Europe and sales offices in Europe and North America, provide our clients with a full range of software engineering services. These include product development, QA, UX/UI, R&D, technology consulting and dedicated teams.