Risk and Security Analyst

Requirements:
• A degree or equivalent in Information Security, Computer Science or Electrical Engineering (communication) or equivalent practical experience only (min 6 yrs)
• Membership/certification of security professional group is desirable (CISSP, CISM, SSCP, ISO27001 Implementer/Auditor, CISA)
• 3+ years of experience in ICT area, 1+ years in security-related discipline
• Experience with product life cycle in telecom environment
• Experience with mobile network setup and functionality of different mobile nodes in 2G/2.5G and 3G networks
• Broad knowledge of different security concepts and technologies.(firewalls, IDS/IPS, AV, content filtering, SSL, HTTPS, VPN, IPv6, identity management, etc)
• Detailed knowledge of one or more security domains (access control, network security, operation security, encryption, etc)
• Excellent understanding of Fraud & Technical Security relation.
• Knowledge of languages (Azerbaijani, Russian – fluent, English – upper-intermediate)

Job description
The basic job duties will include, but not be limited to:
• Ensure the company information and network assets are protected and necessary measures and procedures are in place to meet due diligence requirement
• Ensure Company compliance with local and international laws regarding information security and data privacy
• Ensure network and data compliance with Company security policies
• Support the implementation of procedures, processes and awareness, security measures and other security solutions to ensure the security of all data, networks and new products & services
• Handle security incidents in ICT area affecting the availability of the network services, the confidentiality and/or integrity of data residing on Company systems
• Support internal/external investigations involving gathering information from Company IT/network elements
• Identify & ensure appropriate security policies, standards and guidelines are implemented in accordance with the Security Framework
• Provide advice to FRS management on ways of improving the effectivess and efficiency of their FRS control mechanisms
• Undertake assignments outside own area of expertise. Form a view as to how assignments can be carried out. Plan, monitor and control activities as necessary. Carrie out research when necessary to assimilate new knowledge. Seek and obtain relevant expertise as appropriate
• Drive the rollout of security products required by Business Assurance management or policy/standards
• Conduct Data/Technical/Phisical/Asset Security Reviews on new products, services, change requests, connections with third parties
• Conduct assessments of third party security, perform reviews of contracts from ICT security perspective with vendors of IT/network products

Please send your CV info@ires.az