کارشناس ارشد سیستم مدیریت امنیت اطلاعات

Job Description

Mission
•Analyze vulnerability scan outputs and penetration test results to pinpoint critical gaps
•Verify implemented controls against Annex A requirements and recommend improvements
•Adapt procedural documentation to streamline daily ISMS operations and change requests
•Acquire and track defined ISMS metrics measuring program effectiveness and trends
•Pull and compile compliance reports informing CTIO governance reviews and senior management
•Appraise audit findings, prioritize remediation actions, and monitor closure status
•Arrange security awareness initiatives embedding a culture of information security across teams
•Evaluate incident response procedures ensuring rapid detection, analysis, and resolution
•Project audit readiness status preparing MTNIrancell for external certification and regulatory review

Roles & Responsibilities
•Analyze vulnerability scan outputs to pinpoint critical security gaps requiring remediation
•Evaluate implemented controls to verify alignment with Annex A requirements and best practices
•Verify incident response procedures to ensure timely detection, analysis, and resolution of security events
•Study audit findings to recommend prioritized corrective actions and track closure status
•Create and maintain the ISMS asset inventory to support accurate risk profiling and valuation
•Originate detailed procedural documentation to guide daily ISMS operations and change requests
•Arrange planned security audits by coordinating internal teams and external vendors to validate control enforcement
•Acquire and track defined ISMS metrics to measure program effectiveness and report trends
•Adapt document control workflows to maintain integrity, versioning, and accessibility of ISMS records
•Plan and Pull regular compliance reports to inform CTIO governance reviews and senior management
•Appraise supplier security assessments to ensure third-party compliance with organizational standards
•Organize security awareness initiatives to educate staff on policies, procedures, and emerging risks
•Regulate enforcement of security checklists for new system deployments and existing operations
•Develop follow-up actions on risk treatment plans to confirm timely resolution of identified vulnerabilities
•Project audit readiness status to prepare MTNIrancell for external certification and regulatory reviews

Job Requirements

*Education
•BSc. Degree in Technology Systems (Telecommunication Management / Information Technology) or a related discipline
•Fluent in English

*Experience
•Minimum of 3 years’ experience in the area of specialisation; with experience in supervising/managing others
•Experience working in a medium to large organization
•Prior consulting experience in cyber security roles with insight on business development is preferred