Enamine is a fine chemical R&D company, which works with European and US customers. Originally it was founded in 1991, and now the company is one of the main chemical R&D products and services providers for the world pharma and agro industry.
25 ноября 2020

Information Security Officer (вакансия неактивна)

Киев

THE OPPORTUNITY
Enamine is one of the major chemical R&D product and service providers for the world pharma and agro-industry. We have well developed IT landscape, which includes both out-of-the-box systems purchased from the leading IT solutions suppliers as well as our own in-house created software and specific chemical products. As a part of strategic IT improvement initiative, we are looking for Information Security Officer.

IN THIS ROLE YOU WILL:
• Conduct internal security audits and create action plan based on the audit results
• Develop and enhance an information security management framework to ensure business sustainability
• Build and maintain compliance guidelines. Create policies and standards for IT security and compliance
• Conduct general IT security awareness trainings for the company staff
• Evaluate and manage corporate risks related to IT security
• Build and maintain application-specific threat models, explicitly apply security principles to design
• Participate in the corporate certification and compliance activities
• Design and implement security architecture and detailed cyber security designs together with IT and software development departments
• Prepare and document standard operating procedures and protocols
• Cooperation with Account Management, Sales & Marketing, Legal, Delivery and Clients for all security related topics (audits, contractual compliance, reviews, risk assessments, etc.)
• Keeping up to date with developments in IT security standards and threats

WE ARE LOOKING FOR SOMEONE WHO HAS:
• 4+ years in IT security and compliance
• Extensive, practice-based knowledge of security management frameworks, such as ISO 27k series, GDPR, SOC etc.;
• Proven track record of IT security audits/projects implementation
• Ability to develop information security policies and guidelines and derive security requirements from them;
• Understanding access modeling. Ability to develop access models and assess them. Understanding of segregation of duties
• Experience in IAM solutions. Understanding of purpose and approaches of IAM. Knowledge of key tasks: identify, authenticate, and authorize
• Good knowledge of risk management, its purpose, and approaches. Ability to evaluate risks and create risks management plan
• Understanding OWASP Top 10. Ability to describe vulnerabilities, ways of exploitations, and fix methods
• Understanding of vulnerability management. Knowledge in vulnerability scanners. Ability to validate scan results and provide recommendations
• Ability to develop and conduct security trainings and workshops
• Fluent English
• Good communication skills, responsible, initiative, self-organized, eager to learn
• Experience in Secure SDLC would be a plus

WE OFFER:
• Competitive compensation depending on experience and skills
• Interesting business domain (chemistry)
• Flexible working hours
• Comprehensive benefits package including sick leaves, annual vacation, medical insurance and sport compensations
• Individual annual budget on education
• Friendly working environment
• English language courses
• Convenient office location
• Dental services and therapeutic massage in the office

Горячие вакансии

Все вакансии