The DOT Defense Procurement Agency is a state enterprise engaged in the procurement of equipment, ammunition, UAVs, food, clothing, fuel and lubricants for the Armed Forces and the Defense Forces.
Our mission: we supply the Defense Forces and develop the national defense industry for the stability and defense capability of Ukraine.
Our vision: to be a driver of the development of the support system for the Defense Forces of Ukraine according to NATO standards.
We are currently looking for a Head of the Information Security Department who will be fully responsible for the cyber security of the Agency.
Job duties:
- Management of the direction of cyber security in the enterprise.
- Coordination of cyber security projects.
- Building and ensuring the efficiency of the information security management system process according to the DSTU ISO/IEC 27001:2023 standard.
- Building and ensuring the effectiveness of cyber security and information security processes (cyber risk management, incident management, change management, vulnerability management, etc.).
- Control of the implementation of information security policies, standards, provisions and procedures in accordance with the DSTU ISO/IEC 27001:2023 standard.
- Conducting an internal audit of the ISMS process for compliance with the requirements of the DSTU ISO/IEC 27001:2023 standard.
- Implementation of cybersecurity documents and processes at the Enterprise.
- Interaction with contracting organizations, partners, vendors in the field of cyber security.
- Conducting an annual assessment of cyber risks.
Requirements for candidates:
- Experience in building an information security management process in accordance with the DSTU ISO/IEC 27001:2015 or DSTU ISO/IEC 27001:2023 standard.
- Experience in developing information security policies, standards, regulations and procedures.
- Knowledge of cybersecurity requirements in accordance with Ukrainian legislation.
- Experience in conducting an internal audit and verifying the compliance of the built information security management system with the requirements of the DSTU ISO/IEC 27001:2015 or DSTU ISO/IEC 27001:2023 standard.
- Experience in the development and implementation of cyber security documents at the enterprise.
- Experience in building and ensuring the effectiveness of the vulnerability management process.
- Experience in building and ensuring the effectiveness of the change management process.
- Experience in building and ensuring the effectiveness of the incident investigation process.
- Experience in building and ensuring the effectiveness of the security monitoring process.
- Experience building or maintaining an Incident Investigation and Response process.
- Experience in assessing and handling cyber risks.
- Experience in developing and testing: Incident Response Plans, Business Continuity Plan (BCP), Disaster Recovery Plan (DRP).
An additional plus:
- Understanding the NIST Cybersecurity Framework.
- Experience of building CSZ on systems.
- Experience in developing playbooks to ensure the effectiveness of the incident investigation process.
We offer:
Learn more about our activities and corporate culture:
Joining our team, you will get a chance to personally create a fundamental reform of the provision of the Defense Forces of Ukraine and make your contribution to the victory of Ukraine.
Ready to turn your expertise into a real contribution to victory? Send your resume now!
*Please note: by sending your resume, you automatically consent to the processing of your personal data in accordance with the law.
**Due to the volume of feedback we receive, feedback will only be provided to those candidates whose experience and qualifications most closely match the requirements of the position.