Information security auditor (Security auditor) in IT SPECIALIST, TOV

IT Specialist is a Ukrainian IT integrator founded in 2014. Our success is the success of our customers. That's why we care about the security and continuity of their business. We are valued for an individual approach to each project and attention to the most invisible details.

Our company provides professional services and solutions in the field of IT and cyber security for medium and large businesses, namely:

- Enterprise Service Bus and integration of business applications;

Monitoring the performance of business applications;

- Conducting penetration testing and security assessment.

We have a team of 150 professionals working as one unit, and we have no plans to stop!

Job Description:

We are looking for a highly qualified Information Security (IS) Auditor to join our professional team. You will be responsible for conducting audits and implementing related projects related to compliance with standards, directives, best practices in the field of IS.

Responsibilities:

• Conducting complex IS audits, including analysis of policies, procedures, technical and organizational protection measures
• Assessing the compliance of systems and processes with the requirements of international standards, regulatory acts and internal policies of the company, etc.
• Conducting interviews with by key stakeholders, collection of the evidence base and documentation of audit results
• Preparation of detailed reports on audit results, including conclusions, non-conformities, recommendations for their elimination and improvement of security level
• Monitoring of the implementation of recommendations and support of the customer team during the implementation of corrective actions
• Participation in audit projects in accordance with ISO/IEC27001, NIST CSF, NIS 2, DORA, etc.
• Participation in complex IT audit projects

Expectations from the candidate:

• Higher education
• 3 years of work experience in positions related to IT audits
• Knowledge of the main standards in the IT field: ISO/IEC27001, NIST CSF, NIS 2, DORA, Security ICS Authorization, NBU Regulations, etc.
• Basic knowledge of the basics of networks, operating systems, databases, application architecture, IT technical solutions
• English language - intermediate level

Preference is given to candidates who have:

• Experience in developing regulatory documents (policies, rules, instructions)
• Experience in working with objections and complaints
• Experience in establishing productive communications with "difficult" clients
• Experience in IS risk analysis
• ISO/IEC27001, CISSP, CISM, CISA, QSA certification
• Education in the field of cyber security, IT

We offer:

• a comfortable office in the Sigma business center with reliable underground shelter and the availability of uninterrupted Internet, water supply and electricity.
• medical insurance, after a trial period;
• 22 working days of paid vacation per year and paid sick leave;
• all necessary equipment for work;
• friendly team and open management;
• training and mentoring;
• opportunities for development, both personal and professional

Interview process:
Communication with the recruiter >>> interview with the team >>> final interview  >>> offer

Join our friendly IT team!

Kyiv, Sigma Business Center, Vaclav Havel Boulevard, 6, Building 3