Information Security Risk Specialist

Role Overview

• Performing information and cyber security risk assessments and business impact assessments.
• Performing cloud and vendor risk assessments.
• Maintaining and managing Information Security Management System (ISMS) programme based on industry standards such as ISO2700x and COBIT.
• Designing security controls on Microsoft 365 suite (SharePoint, Outlook, Entra ID, mobile device management).
• Planning and designing security frameworks and assisting to security architecture on various technology stacks such as Azure, applications, middleware, databases, networks etc.
• Advising and consulting multiple IT projects through all phases of standard project lifecycles.
• Defining, implementing and maintaining corporate security policies, procedures and controls.
• Reviewing and monitoring vulnerability management and security hardening programme.
• Performing, managing and coordinating penetration tests.
• Managing information security risk reviews and mitigation follow-ups.
• Contributing to information security policies and procedures reviews.
• Managing data security and data governance (Microsoft Purview) tools.
• Managing and maintaining security event monitoring (SIEM) systems.
• Acting as Business Continuity advisor, participating in Disaster Recovery (DR) drills, and giving recommendations for improvements.
• Assisting information security self-assessments in different security domains and regulation frameworks to ensure that the organization is compliant with relevant industry standards and regulatory requirements such as DORA, GDPR.
• Collaborating with third party auditors during IT audits and contributing mandatory regulatory self-assessments such as DORA.

Requirements

• Master or Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (Must have).
• Minimum 6 years of experience on information and cyber security domains with technical know-how and active participation such as network security, application and mobile security, database and data security, cryptography, penetration testing, vulnerability assessments, DevSecOps, cloud security.
• Azure or other public clouds experience.
• Experience on information security risk assessments.
• Having security certifications such as CISSP, CISA or similar ones is preferred.

Tech Stack

• Azure
• Cloud
• Cyber Security

Benefits

• 30 vacation days.
• 13th Month.
• 8% holiday payment.
• Laptop and Mobile phone.
• Annual extra appreciation payment.
• Pension Plan
• Defined contribution scheme.
• Collective Health Insurance – discount on additional health insurance.
• Educational budget and access to Coursera trainings.