— Information security awareness program: develop, maintain program, provide internal trainings, developing gamification, platform, periodical stress-tests, evaluations etc.;
— Information security Governance — developing policies, instructions, procedures;
— Classifying corporate data and performing risk assessments.
— Experience designing and implementation of IT security awareness program with proven results;
— Practical experience with developing IT Security policies/procedures;
— Hands on practical experience with classifying data and design applicable security controls for risks mitigation;
— Experience with IT security audit of
— Coach/trainer skills. Experience with conducting in-class training for different groups of employees;
— Practical knowledge with managing of IT security controls at highly distributed companies;
— Basic knowledge of security systems on the market (eg. Firewall, Antimalware, IDS/IPS, SSL/IPSec VPN, Proxy, Remote Access, PKI, etc.);
— Knowledge of ISO 2700x series, NIST standards, GDPR, PCI DSS.
— Experience of 4+ year as Information security\IT security specialist;
— Experience of defining and implementing security processes for both big (1000+) and small (50+) companies/startups will be considered as a plus;
— Strong analytical and communication skills, ability to dive deep into details;
— Ability to multitask, work under pressure within limited deadlines and desire for self-development.
— Knowledge in IT service management ITIL v3\Cobit;
— ISACA’s CISA/CISM/CRISC certification or CISSP certification;
— Other IS/ITSec standard-related certification.