We are forming a team that ensures information security and compliance with international standards for the Diya ecosystem. Our GRC department is a strategic partner that supports the maturity of the company's information security and implements best practices in the field of risk management and compliance.
Our values:
We believe in thinking differently, which allows us to be one step ahead in the field of information security. Our client-centricity is manifested in ensuring reliable protection of user data. We value cooperation and openness, working closely with different departments to achieve a common goal. Integrity and perseverance are key qualities that help us meet the highest security and compliance standards.
Your main mission:
Ensure compliance of the Diya ecosystem with international information security standards, support and develop the information security management system (ISMS), as well as promote the implementation of new certifications to increase the level of protection and trust in the digital services of the state.
Your work will focus on:
– development and updating of target security profiles for information and communication systems;
– conducting a risk-oriented assessment of systems and development of risk mitigation measures;
– support and improvement of the information security management system (ISMS);
– integration of national regulatory requirements into the existing ISMS;
– preparation of documentation for ISO 27001 certification and audit procedures;
– participation in the implementation of new standards (ISO 27701, ISO 42001) at the enterprise to expand the scope of certification.
We expect from you:
– higher education;
– practical understanding of ISO/IEC 27001 and its application in the operational environment;
– knowledge of the regulatory framework for information protection in ICS and critical infrastructure (OKI);
– skills in formalizing technical settings (OS, networks, services) in the format of security profiles and descriptions of ISO 27001 security controls.
It will be a plus:
– knowledge of the English language at the B2+ level;
– experience working with ISO/IEC 27701;
– a basic understanding of ISO/IEC 42001.
We are looking for talent who:
– is able to independently organize their working time and effectively plan tasks;
– has an analytical mindset and knows how to work with complex regulatory requirements;
– shows initiative in improving processes and implementing new security practices;
– is ready to constantly learn and follow new trends in the field of information security.
We offer:
– the opportunity to influence the level of information security of state digital services;
– work with best practices and international standards in the field of GRC;
– professional development and participation in the implementation of innovative approaches to security;
– flexible work schedule after successful completion of the trial period;
– office with a generator;
– reservation of employees subject to up-to-date military records.
Ready for a challenge?
We are not just looking for a specialist, but for an expert who can ensure the highest level of information protection and compliance with international standards for the state's digital services. If you are ready to take responsibility for the data security of millions of Ukrainians and develop a culture of information security at the national level, join our team!