Lviv

Senior Information Security Consultant

ELEKS Cyber Security Office is looking for a Senior Information Security Consultant in any of our offices or remotely.

Requirements

  • Experience in outsourcing business or product company
  • Hands-on experience with logging, encryption, MFA, SSO, IAM, CIS20 implementation, secure SDLC, CI/CD devsecops is beneficial
  • compliance management and policies/requirements enforcement/auditing
  • presale experience is nice to have (clarifying problems, crafting solutions and formal proposals with presentations
  • Experience in developing/maintaining ISMS
  • Knowledge of security frameworks/standards (e.g. ISO 27001, SOC2, NIST, HIPAA, PCI DSS, GDPR, ITIL, Cobit etc.). Ability to conduct readiness/gap assessments, provide recommendations.
  • Understanding of international and Ukrainian information security laws/regulations
  • Understanding of GRC framework
  • Understanding of secure coding practices, ethical hacking, threat modeling, secure SDLC process
  • Understanding of DR / BCP
  • Experience in defining security requirements as well as evaluating and selecting appropriate information security controls
  • Understanding of IT and information security trends, challenges
  • Knowledge of security vendors, systems, and solutions
  • Ability to deal with incomplete, poorly defined, or undocumented requirements
  • Technical writing
  • Preferably technical university degree (information or cyber security, computer science etc.)
  • English – upper-intermediate or higher

Responsibilities

  • Working with client’s requirements/questionnaires, mapping to internal documentations; suggest improvements
  • Risk assessments (understanding of enterprise solutions, integration mechanisms)
  • Create relevant information security policies and procedures
  • Develop both high- and low-level action plans for implementation of the information security policies and procedures maintaining the proper balance between business priorities, information security risks, and cost of controls implementation for the organization
  • Coach, advise, and drive adoption of developed policies and procedures and implementation of the action plans
  • Establish and maintain strong relationships with both senior and operating level business leaders to ensure alignment to customer and business needs while prioritizing key initiatives
  • Coordinate the maintenance of the Information Security Risk Management process, coordinate risk assessment cycle implementation with respective risk and control owner definition and development of Risk Treatment plans
  • Support audit cycle implementation to be done through preparation of materials for audit conduction, coordination of audits, participation in audits. Organize and manage the communication of results to the Management Team and respective involved parties
  • Participate in the customer information security compliance process. Identify and analyze customer requirements related to information security
  • Arrange a preparation for the external information security audits. Participate in the audit passing process
  • Coordinate the process of the implementation of the corrective actions to address nonconformities found during internal and external information security audits
  • Provide supervision and guidance for the information security team
  • Promote the compliance mindset: organize the development and delivery of required communication campaigns, awareness programs and trainings for different focus groups and different internal and external stakeholders
  • Provide subject matter expertise in information security for internal and external requests

What will you get with ELEKS

  • Above average compensation and competitive Social package
  • Close cooperation with a customer
  • Challenging tasks
  • Competence development
  • Team of professionals
  • Dynamic environment with low level of bureaucracy
  • Medical insurance

ABOUT ELEKS

ELEKS is a custom software development company. We deliver value to our clients, thanks to our expertise and experience gained from working as a software innovation partner since 1991.

Our 1,500+ professionals located in the Delivery Centers across Eastern Europe and sales offices in Europe and North America, provide our clients with a full range of software engineering services. These include product development, QA, R&D, design, technology consulting and dedicated teams.

Tetiana Palianychka
Recruiter Contacts
Apply
Apply via Linkedin

Noticed a perfect match for a friend?

Get a valuable bonus for a reference

Refer a friend