دیجی‌پی | Digipay

تاسیس در ۱۳۹۷ مالی و اعتباری ۲۰۱ تا ۵۰۰ نفر www.mydigipay.com

استخدام Information Security Officer

دسته‌بندی شغلی

IT / DevOps / Server
موقعیت مکانی

تهران ، تهران
نوع همکاری

تمام وقت
حداقل سابقه کار

کمتر از سه سال
حقوق

توافقی

شرح موقعیت شغلی

The Information Security Officer will be responsible for leading and managing the organization's
information security strategy, ensuring compliance with ISO 27001 and PCI-DSS standards. This
role involves overseeing the audit and implementation processes and controls, ITGC and
managing the Security Operations Center (SOC)

Key Responsibilities:

1. ISO 27001 and PCI-DSS Compliance

Lead the development, implementation, and maintenance of information security
policies, procedures, and guidelines in accordance with ISO 27001 and PCI-DSS
standards.
Conduct regular internal audits to ensure compliance with relevant standards and
regulatory requirements.
Coordinate with external auditors to facilitate successful completion of ISO 27001 and
PCI-DSS audits.
Identify gaps in current security controls and develop corrective action plans.

2. Security Operations Center (SOC) Management:

Oversee the daily operations of the SOC, manage the SIEM system, ensuring effective
monitoring and analysis of security events, ensuring timely detection, analysis, and
response to security incidents.
Develop and implement SIEM rules, alerts, and dashboards to enhance threat detection
capabilities.
Conduct regular reviews of SIEM logs and reports to identify potential security threats
and vulnerabilities.
Develop and implement incident response procedures, ensuring effective handling of
security breaches and incidents.
Coordinate with the IT team to ensure proper configuration and maintenance of
security tools and technologies.

3. Risk Management:

Perform IT Risk Assessments to identify and evaluate its security risks to the
organization.
Develop and implement risk mitigation strategies to reduce the impact of identified
risks.
Maintain an up-to-date IT risk register and ensure regular review and update of risk
management plans.

4. Training and Awareness:

Develop and deliver security awareness training programs for employees, ensuring
understanding of security policies and best practices.
o Stay current with emerging security trends, threats, and technologies, and share
knowledge with the team.

Qualifications:

Bachelor's degree in Information Tech, Computer Science, Computer Eng, or a related field.
Professional certifications such as CISSP, CISM, CISA, or equivalent.
Proven experience in information security management, including ISO 27001 and PCI-DSS
compliance and ITGC.
Strong understanding of SOC and SIEM operations, including incident response and threat
analysis.
Excellent analytical and problem-solving skills.
Strong communication and interpersonal skills, with the ability to interact effectively with
technical and non-technical stakeholders.

Preferred Experience:

Experience in managing security audits and developing audit reports.
Familiarity with risk management frameworks and methodologies.
Knowledge of security technologies and tools, including firewalls, intrusion
detection/prevention systems, PAM, DLP and endpoint protection solutions.
Hands-on experience in fintech ecosystem.

معرفی شرکت

دیجی‌پی یک استارتاپ جوان در حوزه پرداخت الکترونیک با مجوز پرداخت‌یاری است که حاصل ادغام استارتاپ هُماپی در هلدینگ دیجی‌کالا است.
دیجی‌پی در سال ۱۳۹۷ عضوی از خانواده دیجی‌کالا شد. هدف گروه دیجی‌کالا از ورود به حوزه فینتک، ارائه سرویس‌های پرداخت الکترونیک با پایداری بالا و بهترین تجربه برای مشتری بود. به دنبال تعریف این هدف، مسیر توسعه سرویس‌های دیجی‌پی مشخص شد.
محصولات شرکت:
-(Smart IPG) درگاه پرداخت هوشمند اینترنتی
-(Refund) بازگشت وجه به مشتری
-(Payout) پرداخت وجه با کیف پول تجاری
-اپلیکیشن موبایل دیجی‌پی
-(Smart Dashboard) داشبورد هوشمند
-کیف پول خرید اقساطی