Information Security Specialist

Purpose:

Increase the maturity level of the perimeter's Information Security (hereafter ‘IS) standards and policies, but even more important is to create awareness among the Business and IT teams across the regions.

Responsibilities:

• ​​Create, review, improve and implement regional Cyber Security policies;
• Perform and execute vulnerabilities scan, assessments and tests (and actions), follow up and complete on a regular basis;
• Security operations. Detect and Response: based on security event and incident monitoring, using a variety of available tooling. Identify and drive improvements based on incidents, external threats and threat hunting;
• Contribute to the regional security strategy, propose improvement based on identified risks, weaknesses and threats and drive implementation for the assigned tasks.

Requirements:

• Location: Astana
• Bachelor's or Master's degree (Computer Engineering & Software, Computer Science, Information Systems, Information Security Systems, Cyber Security, Network Security);
• 5+ years of experience in IT/Cyber Security and/or IS environment is a must. Ideally, in a similar business environment (mining, energy, oil & gas);

• COMPTIA, CEH, CISSP, CISM, Certified Microsoft Security professional, or similar certificates:

• Experience with OT, Scada/ICS is a big plus;

• Knowledge of Crowdstrike, Nessus, Forcepoint, Splunk, Qualys, OpenSource (github, etc);

• Strong knowledge of IS frameworks and understanding of Information Security principles;
• English - Upper-Intermediate (highly desirable).