Are you interested to start a career in one of the most trending and demanding areas of Information Security and Data Protection? PECB has an opportunity for you.
We are looking for a young (but mature), driven (but professional), and a fluent English speaker (not average) to join our team in Kosovo on the role of Junior Information Security Manager. We are not looking for experts, as we are keen to help you grow professionally.
The Junior Information Security Manager will participate and share responsibilities when performing cyber threat and vulnerability intelligence, system monitoring, security incident response and controls automation. The manager is expected to develop and manage information systems security strategies, including disaster recovery, data protection, internal auditing, breach investigation and policy and procedure administration.
Responsible for information security policies, procedures, access control, and technical systems security settings in order to maintain the confidentiality, integrity, and availability of all PECB Systems (including IT infrastructure and applications). The Junior Information Security Manager will provide recommendations on how to mitigate vulnerabilities, work with developers to advice on security needs and requirements, and update security policies and procedures.
Description of duties and responsibilities:
a) Establish a process to periodically update policies and procedures to ensure they accurately reflect business requirements and align to industry leading security practices;
b) Provide oversight and continuous enhancement of cyber security awareness program and improvement on risk management;
c) Ensure periodic testing is conducted to evaluate the security posture of IS.
d) Conduct periodic reviews of ISs to ensure compliance with the System Security Plans (SSP);
e) Provide technical support in Technology projects to ensure security standards are met;
f) Actively participates in preparing, and authorizing the implementation, of necessary information security policies, standards, procedures, and guidelines;
g) Prepare and submit Plan of Action & Milestone (POA&Ms) identifying IS weaknesses, mitigating actions, and the resources and timelines for corrective actions.
h) Maintain POA&Ms for all security-related vulnerabilities and ensure serious or unresolved violations have visibility on their corrective action;
i) Investigate and analyze details of security incidents;
j) Maintain a flexible work schedule to meet position demands for after-hours support;
k) Actively participate in designing and operating activities related to compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations;
l) Communicates audit findings and coordinates their resolution by preparing reports, status updates and discussing findings with stakeholders;
m) Forms a “Centre of Excellence” for information security management, for example offering internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization;
n) Develop and manage controls to ensure compliance with the wide variety and ever changing requirements resulting from laws, standards and regulations;
o) Liaise with senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies;
p) Plan and organize internal training and webinars to increase awareness on information security;
q) Be up to date with the latest developments and security threats to ensure preparedness and bulletproof protection;
r) Monitor the internal IT infrastructure for any potential information security threats;
s) Other duties as assigned by the management;
• High level of integrity to deal with confidential information;
• Fluency in English language (written and spoken);
• Bachelor degree in Computer Science, Computer Information Systems, Business Administration, or its equivalent in work related experience;
• CISCO IT Essentials
• CISCO CCNA
• Experience with data classification, access control, and security models;
• Strong analytical and problem solving skills;
• Ability to work effectively with people at various levels throughout the organization;
• Must work well under pressure, grasp new ideas quickly, think outside the box, and be able to follow up in a dynamic environment;
• Strong multi-tasking skills in a fast paced environment;
• Strong team player;
• Work well independently with minimum supervision;
• Excellent verbal and written communication and interpersonal skills;
• Excellent knowledge of technical management, information analysis and of computer hardware/software systems;
• Expertise in data governance;
• Strong attention to details;
• Ability to work independently and with groups;
• Adaptability to a changing and fast paced work environment;
• Great customer service skills;
What we offer:
• Competitive salary
• Professional Growth
• Professional training courses in Information Security, GDPR, and others
• Opportunity to be enrolled in PECB University for free
PECB is an international certification body for persons, products, and management systems on a wide range of international standards. As a global provider of training, examination, audit, and certification services through a global network of more than 1000 partners, PECB offers its expertise in multiple fields.
Before applying, we recommend you read about our Corporate Culture to have an understanding on what kind of people are we looking for: https://pecb.com/pdf/brochures/pecb-corporate-culture.pdf
To apply, please submit your application before July 26, 2018 at https://pecb.com/en/jobs.
Should you encounter any technical problem, please submit your updated CV and supportive documents at email@example.com.
Resumes sent via other means will not be considered. Only short-listed candidates will be contacted. No phone calls please!