Striving for excellence is in our DNA. Since 1993, we have been helping the world’s leading companies imagine, design, engineer, and deliver software and digital experiences that change the world. We are more than just specialists, we are experts.
Currently we are looking for a Senior Information Security Analyst for our Kyiv office to make the team even stronger.
Today we are a global team of technologists and thinkers who help transform the world with the power of software, enabling our customers to be competitive and disruptive in the marketplace through innovative technology solutions.
Our customer is a big data company focused on premium video. Their comprehensive suite of offerings includes one of the world’s largest premium video platforms, a media logistics solution for video production workflows, and a holistic advertising platform for direct and programmatic trading.
As a Senior Information Security Analyst, you will be responsible for reviewing alerts compiled from IT and Engineering systems, developing and documenting baselines used to identify anomalous behavior within the environment quickly. You will be identifying, researching, and responding to alerts from monitoring systems to remediate threats, supporting data collections regulations, researching compliance controls, documenting and reviewing standard procedures and evaluating and documenting access request changes.
Project technologies and tools
Develop security standards and processes that can be deployed and managed in an automated fashion for the various projects assigned;
Plan and execute projects to implement security-oriented tools or services to handle the company resources and associated products;
Stay up to date on the latest security trends, vulnerabilities, privacy legislation, and news items and communicate new finding with other team members;
Follow document policies, procedures and standards based upon guidance from Corporate Security Management;
Recommend changes in security policies and practices per changes in law or financial sector security practices;
Ensure that data is protected from unauthorized modification, destruction, and disclosure;
Be responsible for System Auditing and monitoring of critical security systems: FIM, IPS/IDS, Event Logs;
Perform risk assessments and test security controls and systems, including working with process owners to define remediation plans;
Respond to critical computer security incidents by collecting, analyzing and preserving digital evidence;
Answer user questions related to security technology and advise on the security impact of technical changes;
Ensure that security policies are applied and maintained for network devices, remote access devices, firewalls, servers, and workstations;
Research mechanisms and tools for control compliance;
Conduct periodic audits of business entities to ensure continued compliance;
Conduct continuous monitoring and research of real-time alerts;
Track and report on policy violations;
Collaborate with other departments to ensure the timely delivery of audit materials on a monthly, quarterly and annual basis;
Manage repository for control documentation and update documents as needed;
Perform internal control testing to validate the design and operating effectiveness and report results in the repository on a timely basis;
Participate in post-mortem reviews and ensure lessons learned are integrated into the regulatory compliance process.
Experience in Firewalls, IDS/IPS, VPN and other network security components from an evaluation, deployment assessment, and audit perspective;
Knowledge of and expertise in AWS & Azure;
5+ years’ experience in an Information Security role;
Practical knowledge of network infrastructure and security monitoring tools;
Information Security certification required. Security certifications may include, but not be limited to CISSP, CISA, CISM, GSEC, Security+, and CEH;
Experience in threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting;
Ability to manage changing workloads while maintaining a sense of priorities and delivering quality service within required timeframes;
Ability to learn new technologies and applications and apply that knowledge to daily workflows;
Attentive to details, organized, able to work and research independently;
Demonstrated adaptability, analytical and problem-solving skills.
Nice to have
System administration experience;
Project Management certifications;
Experience in Linux, Mac OS, Ubuntu, LDAP security configuration and design, monitoring/alerting, intrusion detection, encryption, vulnerability management and wireless network security;
Ability to identify and recommend mitigations for vulnerabilities and exploits;
Knowledge of Information Security principals and activities;
Ability to work with urgent deadlines;
Broad knowledge of IT and Cloud Engineering in mid to large organizations.
Competitive compensation depending on experience and skills;
Individual career path in engineering;
Social package -medical insurance, sports;
Compensation for sick lists and regular vacations;
Partial grant of the cost of certification and IT conferences;