Information Security Management Specialist

Tosan, Tehran

Published 2 years ago

Job Description

● Selecting the appropriate security standards for the organization's products.
● Security consulting and monitoring on the acquisition or use of new technologies.
● Security consulting to senior managers of the organization.
● Presenting or approving the scope of security projects.
● Submitting or approving cost estimates for security projects.
● Determining the content of the security awareness and education program according to the standards.
● Preparing or revising the draft security outlook.
● Preparing or reviewing the organization's security roadmap for long-term goals.
● Determining the security risk assessment methodology.
● Monitoring and leading the risk assessment project.
● Periodic monitoring of the effectiveness of the risk reduction program.
● Compliance of the security risk management program with security standards and policies.
● Determining the security issues under consideration in each phase of the safe development lifecycle based on the methodology.
● Developing security procedures for each policy.
● Monitoring the implementation and use of security procedures.
● Monitoring the implementation of the security awareness and training program.
● Coordinating with other parts of the organization in order to implement a security awareness and training program.
● Determining how to detect security incidents and events.
● Determining the workflow in response to a security incident.
● Compliance of security projects with security standards and policies.
● Determining the strategy and planning of security awareness and training based on standards.
● Developing the content of the security awareness and education program.
● Monitoring the implementation of selected security standards.
● Monitoring the final product for compliance with the standard.
● Selecting security policies and controls to reduce risk.
● Defining maps and responsibilities in the security incident response plan.
● Adapting different phases of the system life cycle to the safe development cycle for products.
● Determining RTO systems to provide disaster recovery procedures.
● Determining RPO systems to provide support routines.

Requirements

● Fluent in security standards including ISO 27000 series.
● Familiarity with developing security policies.
● Familiarity with security maturity models.
● Familiarity with risk assessment methodologies.
● Familiarity with security and safety controls in software production.
● Preferably with a CISSP degree or other valid information security documents.
● Interested in learning and individual development.

Employment Type

  • Full Time
