Responsibilities:
- Strategic Security Framework: Develop and execute a robust information security framework, emphasizing NIS2 compliance and potential ISO 27000 certification.
- Risk Assessment: Regularly assess security risks, identify vulnerabilities, and recommend mitigation strategies.
- Policy Enforcement: Establish and enforce security policies, procedures, and standards across the organization.
- Technology Management: Oversee the deployment, maintenance, and monitoring of security technologies, including firewalls, intrusion detection systems, and data loss prevention tools.
- Incident Response: Lead incident response efforts, swiftly identifying, mitigating, and recovering from security incidents.
- Collaboration: Work closely with cross-functional teams to ensure the security of networks, systems, and applications.
- Continuous Learning: Stay abreast of the latest security trends, emerging technologies, and regulatory requirements.
- Security Awareness: Conduct engaging security awareness training programs for employees, fostering a culture of vigilance.
- Log Analysis: Monitor and analyse security logs and reports, proactively identifying patterns and potential breaches.
- Vendor Relations: Collaborate with vendors, auditors, and third-party providers to maintain compliance.
Requirements:
- Education: Bachelor’s degree in Information Technology, Law, or a related field (Master’s preferred).
- Language Skills: Proficiency in English (minimum B2 level).
- Experience: Minimum of 3 years in information security, with a successful track record of implementing and managing ISMS within medium to large corporations.
- Knowledge: In-depth understanding of information security principles, technologies, and best practices.
- Regulatory Familiarity: Strong grasp of regulatory requirements, including NIS(2), local cyber security regulations in the Czech Republic, NERC CIP, ISO 27001, and GDPR.
- Risk Management: Experience conducting risk assessments and developing effective mitigation strategies.
- Technology Proficiency: Skilled in deploying and managing security technologies, including IDS/IPS, SOC, SIEM, SOAR, and DLP systems.
- Communication: Excellent collaboration and communication skills, working effectively with cross-functional teams.
- Certifications: Relevant certifications such as CISSP, CISM, or CRISC are highly desirable.
Benefits:
- Flexible Work: Enjoy the option of remote work (1 day a week) or on-site presence.
- Learning Opportunities: Access courses and training to enhance your professional growth.
- Perks: Meal allowance, bonus pension, health insurance, and performance-based bonuses.
- Work-Life Balance: Maintain a healthy balance with 7.5 working hours a day.
- Company Culture: Engage in company events and team-building activities.
- Global Exposure: Opportunity for international travel.
- Stability: Join a well-established international company with contracts secured several years in advance.