11 вакансий в сфере информационной и кибербезопасности

В сегодняшний дайджест мы собрали 11 вакансий для тех, кто ищет работу в сфере информационной и кибербезопасности. Чтобы подписаться на новые вакансии по этому тегу — перейдите по ссылке, задавайте дополнительные фильтры, такие как город или профессия, а затем нажмите на тумблер «подписаться».

[Kyiv] [Information Security] Head of IT Security @Parimatch Tech

• 7-10 years of experience as a CISO / Security Leader.
• Experience in gambling, betting, gamedev or e-commerce projects/companies.
• Experience in managing several teams and unit of more than 15 employees.
• Experience with incident response or addressing security breaches, real-life attacks mitigation.
• Experience with successful enterprise-wide security projects execution.
• Experience with zero trust access implementation and management of end-user devices accesses in a secure manner.
• Experience with both proprietary cloud environments (i.e. AWS) and DC operations security.
• Upper-intermediate English, free or native Russian language is a must.

[Kharkiv/Remote] [Information Security] Security Systems Engineer @EPAM

• Direct Security-focused education (Bachelors+) OR proven equivalent experience.
• 2+ years of security experience with any domain.
• Successfully participated in at least one production security project.
• Security engineering experience in at least one business domain.
• Experience configuring security controls and policies (NIST SP 800-53).
• Understanding of at least one compliance/regulation such as ISO 2700x/PCI DSS/HIPAA/HITRUST/GDPR/SOX/FedRAMP.
• Able to work closely with other project team roles (developers, BA, testers, architects, managers).
• Experience in bug/development tracking/change management systems.
• Expected to be able to follow and understand a defined security process, train other team members, and contribute to process improvement.
• Understanding of concepts of a Software development process, application, infrastructure/cloud security, and their assessment methodologies.
• Hands-on proficiency and strong engineering background is a must.
• Scripting/software development experience is a huge advantage.
• Experience in service-oriented projects is an advantage.
• Nice to have 1+ Security Certification such as GCP Professional Security Engineer/AWS Security Specialty/Azure Security Technologies or equivalent knowledge.
• Professional Security Certifications such as CISSP/CISM/CISA/ECSA/CCSK/SSCP is considered as an advantage.

[Kyiv] [Information Security] Младший специалист по защите информации @EvoPlay

• Законодательные и нормативные правовые акты Украины, регламентирующие вопросы обеспечения информационной безопасности и защиты информации.
• Международные законы, стандарты и лучшие практики, регламентирующие вопросы обеспечения информационной безопасности и защиты информации серии: ISO, NIST. Сетевые протоколы. Уровни модели OSI.
• Динамические протоколы маршрутизации.
• Модели контроля доступа (ролевая, матричная, смешанная).
• Системы реализации разграничения доступа (IDM), подсистемы обнаружения атак (IDS, IPS) и контроля целостности информации (ЭЦП, шифрование).
• Основы криптографии, алгоритмы шифрования c открытым и закрытым ключом.

[Remote] [Information Security] Salesforce developer @NIX

• Обучаемость, инженерное мышление, позитивный настрой и упорство в достижении цели;
• знание английского языка на уровне Intermediate и выше;
• знание фреймворков платформы Salesforce: Apex, Visualforce, Lightning Components, Lightning Web Components, а так же связанных с ними технологий;
• уверенное владение SQL, SOQL, SOSL;
• твердое понимание принципов ООП;
• опыт моделирования объектов на платформе Force.com;
• опыт работы с веб-сервисами, SOAP, RESTful web API;
• знание HTML, CSS, JavaScript;
• опыт написания юнит-тестов.

[Kyiv] [Information Security] IS Specialist @The Gravity Agency

• Знание и понимание OWASP Top-10.
• Знание основных типов атак на сетевую и серверную инфраструктуру и способы защиты.
• Понимание принципов расследования инцидентов ИБ.
• Понимание принципов классификации и защиты информации.
• Понимание принципов и подходов к проведению аудита ИБ.

[Kyiv] [Information Security] Penetration Tester @Vodafone Ukraine

• 5-10 years of experience in Information Security.
• Strong expertize in performing security analysis and identifying possible vulnerabilities, creating Vulnerability Assessment report.
• Skilled using various tools like Automatic Scanner, NMAP, Dirbuster, Qualys, Nexpose, Nessus, BurpSuite, Metasploit and etc for web application penetration tests and infrastructure testing.
• Experience & knowledges in performing scanning, data analysis, taking remediation steps.
• GIAC Certified Penetration Tester (GPEN), GIAC Web Application Penetration Tester (GWAPT), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN) is much appreciated.

[Remote] [Information Security] Penetration tester @OCTAL Security

• 2+ years of experience in the security industry and/or penetration testing.
• Practical and in-depth knowledge of at least two of the following areas: hardware, networking, web and mobile application pentesting, fuzzer development or reverse engineering.
• Practical skills with Python, Bash or other scripting languages.
• Network and web-related protocol understanding.
• Strong written and verbal communication English skills — you can read technical documentation and compose vulnerability reports in English.
• A technical degree is welcomed, but not required.

[Kyiv/Remote] [Information Security] IT Security Specialist @Clario

• At least 2 years’ experience in IT / Information Security.
• Strong analytical skills.
• Good technical background at Windows, nix and networking.
• Knowledge in IT Security controls: AV, VM, DLP, IdM, etc.
• Knowledge of ISO 2700x series.
• Knowledge of COBiT, ITIL, NIST, PCI DSS etc. will be considered as a plus.

[Kyiv] [Information Security] Cybersecurity Consultant @10Guards 

• Нужен разноплановый опыт в консалтинге ИБ (очень желательно и близко к обязательно — аудит ИТ/ИБ, управление инцидентами ИБ, подготовка внутренней документации по ИБ, BCP/DRP).
• Сертификация ISO27000 (LA/LI), CISA, CISM, CISSP и другие подобные — будут плюсом.
• Знания по оценке и управлению рисками.
• Опыт работы в корпоративной среде с нетехническим персоналом со стороны клиента.
• Хороший уровень английского.

[Remote] [Information Security] Security Engineering Manager @Indigo – Tech Recruiters

• Top cybersecurity skills, experience, and professional approach.
• Knowledge of secure application development best practices.
• Strong cloud security experience with one or more enterprise clouds, AWS preferred.
• Data analysis abilities to collect multiple data points and resolve complex issues escalated from various teams.
• Experience with implementing security incident and application security programs.
• Developed Business Continuity or Disaster Recovery Processes.
• Knowledge of modern authentication/authorization schemes like SAML, OAuth, OpenID.
• Connect, and access delegation methodologies.
• Technical documentation skills to contribute to security documentation and policies.
• Prior security engineering or systems/network administration experience required.
• Mentorship abilities and a commitment to employee professional development.
• Knowledge and experience with at least one programming language preferred.
• Professional information security certifications will be a plus (CISSP, CISM, CISA, e.g.).

[Lviv/Remote] [Information Security] NOC Engineer @WOW 24/7

• Fluent English (verbal and written).
• Excellent PC skills.
• Experience in working with Network, Network connection issues.
• Good knowledge of API, IP address, communication protocols, security monitoring processes.
• Initiative and desire to work.
• Organizational and time management skills.
• Analytical, communication and client interfacing skills.

Источник: ain.ua