Cyber ​​security specialist / Information Security Lead in Fond Dekarbonizaciyi Ukrayini, Akcionerne tovaristvo

About the role

Decarbonization Fund of Ukraine JSC is looking for a Cyber ​​Security Specialist who will be responsible for the formation and implementation of the Company's comprehensive cyber security system.

This is a key role for a specialist who will be able to build the information and cyber security function from scratch: from policies and procedures to risk control, incident response and compliance with regulatory requirements. At the first stage, this is the only position that combines strategic and practical functions of cyber security.

Areas of responsibility

• Formation and implementation of the Company's cyber security strategy.
• Development, implementation and updating of information security policies, standards and procedures.
• Analysis of cyber security risks, determination of protection priorities.
• Organization and coordination of measures for technical and organizational protection of information.
• Monitoring of information security events and response to incidents.
• Management of cyber security incidents (detection, localization, investigation, elimination of consequences).
• Conducting vulnerability assessments, basic security tests, participation in pentest activities (in-house or with contractors).
• Control of compliance of internal processes requirements of legislation and regulators in the field of information security.
• Preparation of incident response plans, business continuity plans (BCP) and disaster recovery plans (DRP).
• Interaction with the IT department during the implementation of new systems and services (security by design).
• Consultative support of the Society's divisions on cyber security issues.
• Participation in inspections, audits and interaction with regulatory bodies within the scope of competence.
• Formation of requirements for contractors and control of security aspects of outsourcing services.
• Increasing the level of awareness of the Society's employees on cyber hygiene issues.

Who we are looking for

• Experience in the field of cyber security / information security from 3-5 years.
• Practical understanding of modern threats, methods of attacks and methods of protection.
• Experience in developing information security policies, regulations, plans.
• Understanding the principles of building IT infrastructure, networks, servers, web applications.
• Experience in responding to information security incidents.
• Knowledge of the basics of risk management.
• Skills work independently and make decisions.
• System thinking and the ability to combine a strategic and practical approach.

It will be an advantage

• Experience in implementing or supporting ISO/IEC 27001, NIST, CIS Controls.
• Knowledge of the requirements of Ukrainian legislation in the field of information protection.
• Experience in working with SIEM, DLP, IAM, EDR or similar systems.
• Practical skills of working with Linux / Windows Server.
• Experience of conducting internal security audits.
• Profile certifications (CISSP, CISM, CEH, ISO 27001 LA/LI) or readiness to receive them.

What we offer

• A key role in building the cyber security function of the Society with zero.
• Real impact on the architecture and processes of digital products.
• Supportfrom management in the implementation of security initiatives.
• Clear understanding of the area of responsibility and authority.
• Possibility in the future to form your own cyber security team.
• Official employment and social guarantees.
• Competitive salary.

How to apply

Send your resume through the search portal jobs.

Candidates selected based on the results of the CV review will be invited to an interview.

Salary: 65,000 (before tax).