Head of Information Security

  • We are looking for a Head of Information Security who will build Information Security function, vision and a roadmap for the Group of Companies. The scope of responsibility will be establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. You will be dealing with identifying, developing, implementing, and maintaining processes across the enterprise to reduce information and information technology risks. You will manage establishing appropriate standards and controls, manage security technologies, and direct the establishment and implementation of policies and procedures.
  • €Salary negotiable
  • Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program
  • Work directly with the business units to facilitate risk assessment and risk management processes
  • Develop and enhance an information security management framework
  • Understand and interact with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
  • Provide leadership to the Information Security Team
  • Partner with business stakeholders across the company to raise awareness of risk management concerns
  • Assist with the overall business technology planning, providing a current knowledge and future vision of technology and systems
  • Partner with business stakeholders to mitigate information risk management concerns
  • Work directly with the business units to facilitate risk assessment and risk management processes
  • Maintain effective communication and coordination with IT Development and Operations teams in security-related areas
  • Ensuring that information assets and technologies are properly protected
  • Govern architecture, implementation and operations of IT systems from security perspective
  • Security architecture: planning, buying, and rolling out security tools
  • Application-related:
  • Manage Application Security in accordance with SDLC principles
  • Management of external BugBounty program, pentesting
  • Operations-related: identity and access management. Ensuring that only authorized people have access to restricted data and systems, management of Security incidents. Investigations and forensics, operate security tools: WAF, VPN, SIEM, etc.
  • Management and development of security education program for employees
Key requirements:
  • At least 10 years of experience in Information Security (including management experience)
  • Team management skills
  • Ability to leverage business communication skills to inform, convince, and educate stakeholders, employees and leadership to enable effective information security activities and processes
  • Knowledge of most common vulnerabilities and ways of mitigation of their exploit
  • Hands-on experience with modern information protection systems, including open source products
  • Experience in administering of Linux и Windows systems
  • Administering and security configuration of virtualization, containerization (Docker) and cloud services (AWS)
  • Cryptography foundations. Knowledge of X509 standard and experience with PKI administration
  • Experience with audits: internal and external
  • Broad spectrum of tech knowledge in the following areas (the list is not exhaustive): Linux family, Docker, Kubernetes, vSphere, AWS, Vault, LDAP, Cisco ASA, Microsoft WIndows / AD, SSO
  • ITSM fundamentals, project management
  • English language (Upper Intermediate or higher)
  • General acquaintance with regulatory frameworks and compliance requirements associated with financial services is a plus
  • Any industry certifications are a plus
  • Visa and relocation for employee and his/her family (tickets, visas, work permit, corporate flat for the first month, etc)
  • Medical insurance for employees and family members
  • Nursery/school compensation program
  • Transportation, sports, meals, etc.
We will contact you soon
By filling out the feedback form on the site, I consent to the processing of my personal data
Made on