ICL Services is one of the leading outsourcing companies according to the International Association of Outsourcing Professionals’ annual rating (IAOP) and core partner of Fujitsu. Today, the company works with more than 80 major clients from 30 countries. We are dynamic, determined, and provide a broad scope of services to some of the largest and most diverse companies in the world. For this, we are also well-respected and constantly strive to maintain our standards of professional excellence and ethical conduct.
What we offer:
- A full-time employment contracts
- An opportunity to work on challenging projects with some of the world's largest companies
- Compensation package (private health insurance, team-buildings, professional education and certification)
- Opportunities for advancement within the company:
- 20% of employees got salary raise or carrier growth
- Opportunity to participate in various corporative programs (MVP - mentoring program)
- Opportunity to be a part of socially responsible business (various activities to support our employees and community generally). A highly professional, but very friendly team you will enjoy being a part of
- Overtime working hours are recorded and compensated
- Human corporative culture:
- 90% like the atmosphere in the company
- 94% trust the professionalism of colleagues and ask them for help in difficult situations
- Professional education and certification – ICL genuinely value its employees and works continually on knowledge improvement across the business spectrum
- Every newborn receives a gift from the company in the amount of 300 euros.
Responsibilities:
- Act as a Security related point of contact for customer/account and enhance Information Security in collaboration with customer IT Security teams; Oversee other IT or/and IT Security Teams / Third parties for Information Security matters and act as a key liaison between them.
- Manage Information Security risks in order to ensure that customer information security risks are properly identified, assessed and handled.
- Maintain and ensure compliance within customer’s environment to Information Security Management System (ISMS) used by customer (e.g. ISO 27001, PCI-DSS, etc).
- Assure the operational security of the provided services and compliance with the contractual security obligations and documented security policies and procedures.
- Define, implement, disseminate and control of Information Security policies and processes.
- Support customer/account team in the planning and setting up of the external penetration testing/security audits as well as support them in the risk treatment plan and remediation post the penetration testing/security audits.
- Provide and propose Information Security improvements within customer IT infrastructure based on best practices.
- Organize, attend and follow up on Information Security related meetings with customer and account team in order to discuss and make decisions regarding security related topics.
- Act as an escalation point for security events and major security incidents, communicating with the account and customer where necessary. Providing input into major security incidents.
- Assure compliance against the customer’s corporate PAM process.
- Support vulnerability management process: collate report and provide advice with customer / account team on patches to be applied. Manage exceptions from the process.
- Provide a review, an assessment and approval on architecture designs & service changes to existing customer infrastructure and information systems
- Provide reporting on Information Security and oversee of security services KPIs
- Define, plan implementation and upgrade of security measures and controls within customer environment.
Requirements:
- Demonstration of effective management skills and high attention to details;
- Learn, assess, test and select new security solutions and technologies on the market in order to use good knowledge of business benefits that these new security solutions/technologies can bring to the customer;
- Ability to prepare cost estimates for security projects/changes and identify integration issues;
- Ability to use good knowledge of International Information Security standards and frameworks (such as ISO 27001/27002, COBIT, PCI, NIST, CIS Controls etc.) in order to improve information security posture and governance;
- Security Risk Management (Identification, assessment, analysis and treatment/define mitigation strategies) and Cyberthreat modeling;
- A good technical background in either Networks, Security, Unix/Wintel:
- Information Security concepts: PKI, AAA, Cryptography, Definition, usage and work experience of some of the following security solutions (Enterprise Antivirus, Firewall, intrusion detection/prevention, IDM and SIEM systems), Multifactor Authentication, Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication;
- Networks: Subnetting, DNS, encryption technologies and standards, VPNs, VLANs and other network routing method, network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.);
- Unix or Wintel: Operating system administration (advanced level)
- Budget management as a plus;
- Secure coding practices and ethical hacking concepts as a plus;
- Scripting languages (PowerShell, Python) as a plus;
- PCI, NIST and SOX compliance assessments as a plus
We are looking forward to receiving your resume. Our selection process consists of an introductory interview with the team in Belgrade, and a professional interview with our IT experts in Kazan. We endeavor to make our selection process as quick and as transparent as possible – don't hesitate to ask if you have any questions. Please, bear in mind that only shortlisted candidates will be contacted for an interview.
