Information Security Officer
Занятость | Полная занятость |
Полная занятость | |
Адрес | Казахстан, Нур-Султан (Астана), проспект Мангилик Ел, 55/19 |
Responsibilities:
- Formulating the Cyber Security Policy according to AIX’s risk management process;
- Implementation of ISO27002/27032 (Certification dated August, 2019), and meet on-going ISO27002/27032 requirements.
- Outlining a cyber security work plan based on the Cyber Security Policy;
- Implementing a cyber security work plan together with relevant company officers;
- Ongoing analysis and assessment of the cyber security plan and policy according to AIX’s needs, threats and responses, as well as its preparation for dealing with cyber events;
- Ongoing professional management and guidance in the areas of cyber security in AIX;
- Controlling the implementation and management of cyber security in the broad organizational context and according to the policy;
- Initiating and managing management reviews;
- Formulating and approving AIX’s cyber security procedures;
- Updating the policy document and cyber security procedures in AIX;
- Helping information owners determine the level of information sensitivity that will dictate the level of security required;
- Coordinating security activities between relevant company officers;
- Raising employee awareness of cyber security issues;
- Involvement in projects and purchasing of products and services, whose acquisition has cyber security implications for AIX, with responsibility for assimilating and implementing cyber security mechanisms;
- Involvement in reception tests, as well as the deployment and assimilation stage of new ICT systems;
- Manage response and recovery process (determine containment ability while examining procedures and methods for addressing damage scenarios);
- Vendor Management (procurement, finance budget, etc.);
- IT Assessment of all new brokers for onboarding;
- Manage and support security control.
Requirements:
- Higher education (Computer Science, Information Technology)
- ISO 27001, CISSP, CISM certificates would be plus
- Experience in Cloud security, information security management system, risk assessment, etc.
Опыт | Более 6 лет |
График работы | Полный день |