Senior Information Security Engineer

Responsibilities:​​​​​

• Perform risk analysis for IT projects and third-party vendor relationships.

• Develop and implement information security policies, procedures, and methodologies.

• Deploy and manage core security tools: Wazuh SIEM, vulnerability management, and WAF systems.

• Coordinate security control implementation and lead incident response efforts.

• Proactively monitor IT infrastructure security and drive vulnerability remediation.

• Create and maintain the corporate information security risk register and heat maps.

• Represent KPMG/NITSO as a delegate at industry conferences.

• Ensure full compliance with mandatory training and labor protection requirements.

• Conduct comprehensive security reviews for infrastructure and new projects.

Requirements:

• Education & Language: Bachelor's degree in Information Security field; Upper Intermediate or higher English.
• Experience: 3 years in Information Security; experience developing organizational and technical documentation; skills of a technical information security writer.
• Knowledge: Knowledge of information security technologies; good understanding of business processes in branch-structured companies; knowledge of project management systems.
• Technologies & Tools: WAZUH, SIEM, Cloudflare implementation, Antywire, DLP, WAF, Anti-virus, MS Access, MS PowerPoint, BI Tools.

• Core Skills: Technical skills, vulnerability management, script language proficiency, risk management.

Preferred:

• Knowledge of standards: ISO2700x, NIST, SANS, PCI DSS.

• Knowledge of risk methodologies: CRAMM, Octave, OWASP.

• Knowledge of secure application development cycle (SDLC).