Ciklum is looking for an I nformation Security Analyst to join the Kyiv team on a full-time basis.
An Information Security Analyst handles all aspects of IT security (Information, Cyber and Physical), creating and implementing corporate IT security standards and practices and ensuring that the IT environment and employees follow those rules.
Participation in Security Incidents identification, investigation and corrective actions.
Planning, implementing and measuring an effective and compliant Ciklum IT Security Strategy
Supporting compliance with ISO 27001 Standard
Creating and continuous improvement of the policies and procedures
Development and improvement of Ciklum security standards and blueprints
Conduct information security risk assessment and treatment planning
Implementation and continuous improvement of security controls
Coordinating of internal, certification and supervisory audits
Supporting IT infrastructure vulnerability and penetration testing
Regularly conduct a security review and audits of server and network equipment configurations, physical security measures
Security events monitoring analytics and reporting
Audit of access matrix and controls
Verify appropriate patch management across IT Infrastructure
Continuously develop endpoint security standards
Information Security incident response, investigation, escalations and reporting.
Development of security education and awareness programme
4+ years of experience as IT security specialist / analyst
Knowledge and practical experience of supporting the implementation, maintenance and adherence of a corporation to ISO27001, OWASP ASVS, Privacy regulations
Knowledge and practical experience of ensuring the existence and effectiveness of core IT security and architectural components : firewalls, switches, routers, VPN, authentication, encryption, IPS, traffic management, storage, databases, virtualization, automation, configuration management
Knowledge of English must be Upper-Intermediate or higher
Wide knowledge and passionate about cybersecurity, top edge technologies, information security threat landscape
Strongly preferred : Holder of professional information security qualifications : CISSP, CISA, ISO27001 LA / LI (or equivalent)
What's in it for you
Variety of knowledge sharing and training opportunities
Career and professional growth
Possibility to work in a big and successful company
State of the art, cool, centrally located offices with warm atmosphere which creates really good working conditions