I am looking for a colleague that will stand at the helm of global IT Security projects, coordinating and ensuring their successful implementation. This position is open in a prosperous FinTech company with very successful operations in the Czech and international markets. The company promotes a flat structure and informal ambiance.
In this position, you should be able to independently work on assigned assessments and/or detected incidents and crises, swiftly respond and escalate when necessary. Additionally, you help to identify root cause, proposes and defines direct and long-term corrective measures and also takes ownership for actions of incident prevention.
Finally, you should be able to manage remediation activities identified during internal/external audits across all entities. The role also proposes the best assessment methodology and ensures that the level of security is in line with internal IT Security documentation & legal/regulatory requirements.
Investigates security breaches and other cybersecurity incidents
Suggests IT security recommendations and designs appropriate IT security measures regarding identified findings from IT security incidents or assessments
Assesses and enforces remediation activities in the company
Manages related IT security solutions/tools for IT security investigation
Handles events such as identifying security issues, extensive troubleshooting, and coordinating resolution. The events can include hardware/software failures as well as security breaches and threats, or network connectivity issues.
Conducts IT security assessments and evaluations discover vulnerabilities in information systems, performs penetration tests. Identifies and resolves potential security breaches and vulnerability issues.
Fully coordinates or supports activities to ensure compliance with internal and external IT security requirements
Properly reports and tracks the remediation of IT security assessments findings
min. 2 years experience in IT / information security, IT audit or IT risk management area
Good experience with the management of crisis situations, multicultural and multinational communication
General knowledge of/about:
IT security assessment and security audit techniques
IT and Information Security good practice (ITIL, ISO 27001, PCI-DSS etc.)
Microsoft, UNIX and middleware infrastructure administration, IT architecture, and network security
Ability to quickly analyze the situation and identify root cause, define corrective measures and take ownership to prevent incidents if possible
Experience with penetration testing (web & mobile applications, operating systems, services)
Proven track of 1-year experience in assessor role
Fluent English (spoken and written)
Professional certification in the areas of information security, IT / security audit techniques is an advantage