About the Role
As an Information Security Officer, you will be responsible for managing and implementing the organization's information security system across all our global operations. Your role will involve collaborating across teams to integrate security practices, conducting regular audits and risk assessments, and administering security tools. You will also handle incident response and management, policy development, threat and vulnerability management, IT infrastructure security, data protection, and audit management. This role requires strong knowledge and experience with ISO:27001, and familiarity with other cybersecurity frameworks is advantageous.
Roles and Responsibilities
Information Security Management
- Implement and manage the organization's information security system.
- Oversee user access controls, cryptography measures, and physical security of IT assets.
- Monitor security, manage security cases & tickets, and perform security incident analysis.
- Conduct regular security audits, risk assessments, and reviews focused on IT infrastructure and operations.
- Propose and implement strategies to mitigate identified risks.
- Analyze a variety of security logs to identify actionable events (SIEM reports-alerts-tickets, system, network, security monitoring tools).
Security Management
- Collaborate with the global ICT team to integrate security practices into daily workflows.
- Coordinate with different departments for consistent application of security practices.
- Participate in the design, implementation, and administration of security tools to reduce risk.
Incident Response and Management
- Respond promptly to all security incidents and breaches, varying from endpoint to server systems.
- Manage remediation efforts and implement improvements based on incident reviews.
- Research security advisories, e.g., CERT, and deliver an appropriate course of action.
Policy, Procedure Development, and Compliance
- Integrate and manage information security within daily operations.
- Maintain compliance with technical certifications.
- Regularly review and update policies as needed.
- Collect evidence and artifacts to meet compliance requirements (ISO:27001, PCI DSS, etc.).
Threat and Vulnerability Management
- Identify potential threats and vulnerabilities.
- Implement measures to manage and mitigate these threats and vulnerabilities.
IT Infrastructure Security
- Ensure that security controls are implemented across all networks and systems.
- Maintain the security of the overall IT infrastructure.
Data Protection
- Implement data protection measures, including secure storage and transmission of data.
- Ensure special protection for cardholder data as per PCI DSS requirements.
Audit Management
- Prepare for and manage internal and external audits.
- Ensure all necessary documentation is in order and readily available for audits.
Qualifications
- Bachelor's degree in IT, Computer Science, or a related field
- 2 3 years of experience in information security management, or any cybersecurity related field.
- Strong knowledge and experience with ISO:27001 is required.
- Experience with PCI DSS and/or NIST is advantageous.
- Strong English communication skills, both verbal and written.
- Ability to work well in a team and collaborate effectively with colleagues at all levels.
About Eastvantage
At Eastvantage, our mission is to create meaningful jobs. Through our portfolio of premium and select clients, we provide careers that are knowledge-based, inspiring, and always with the potential for development and growth.
We are an independently-owned outsourcing company with European roots, servicing global companies that have offices in every populated continent in the world. We have been in the industry for a decade, growing from a handful to over 1,000 happy employees over the years.
We invite you to navigate our site to get to know who we are, to see what sets us apart in culture and thinking. Because of this, we carefully select who we work with, both customers and co-workers, which is why people happily stick with us for a wonderful amount of time. We hope to convince you to apply with us and be part of our success story.
