استخدام Information Security Officer
شرح موقعیت شغلی
The Information Security Officer will be responsible for leading and managing the organization's
information security strategy, ensuring compliance with ISO 27001 and PCI-DSS standards. This
role involves overseeing the audit and implementation processes and controls, ITGC and
managing the Security Operations Center (SOC)
Key Responsibilities:
1. ISO 27001 and PCI-DSS Compliance
information security strategy, ensuring compliance with ISO 27001 and PCI-DSS standards. This
role involves overseeing the audit and implementation processes and controls, ITGC and
managing the Security Operations Center (SOC)
Key Responsibilities:
1. ISO 27001 and PCI-DSS Compliance
- Lead the development, implementation, and maintenance of information security
- policies, procedures, and guidelines in accordance with ISO 27001 and PCI-DSS
- standards.
- Conduct regular internal audits to ensure compliance with relevant standards and
- regulatory requirements.
- Coordinate with external auditors to facilitate successful completion of ISO 27001 and
- PCI-DSS audits.
- Identify gaps in current security controls and develop corrective action plans.
2. Security Operations Center (SOC) Management:
- Oversee the daily operations of the SOC, manage the SIEM system, ensuring effective
- monitoring and analysis of security events, ensuring timely detection, analysis, and
- response to security incidents.
- Develop and implement SIEM rules, alerts, and dashboards to enhance threat detection
- capabilities.
- Conduct regular reviews of SIEM logs and reports to identify potential security threats
- and vulnerabilities.
- Develop and implement incident response procedures, ensuring effective handling of
- security breaches and incidents.
- Coordinate with the IT team to ensure proper configuration and maintenance of
- security tools and technologies.
3. Risk Management:
- Perform IT Risk Assessments to identify and evaluate its security risks to the
- organization.
- Develop and implement risk mitigation strategies to reduce the impact of identified
- risks.
- Maintain an up-to-date IT risk register and ensure regular review and update of risk
- management plans.
4. Training and Awareness:
- Develop and deliver security awareness training programs for employees, ensuring
- understanding of security policies and best practices.
- o Stay current with emerging security trends, threats, and technologies, and share
- knowledge with the team.
Qualifications:
- Bachelor's degree in Information Tech, Computer Science, Computer Eng, or a related field.
- Professional certifications such as CISSP, CISM, CISA, or equivalent.
- Proven experience in information security management, including ISO 27001 and PCI-DSS
- compliance and ITGC.
- Strong understanding of SOC and SIEM operations, including incident response and threat
- analysis.
- Excellent analytical and problem-solving skills.
- Strong communication and interpersonal skills, with the ability to interact effectively with
- technical and non-technical stakeholders.
Preferred Experience:
- Experience in managing security audits and developing audit reports.
- Familiarity with risk management frameworks and methodologies.
- Knowledge of security technologies and tools, including firewalls, intrusion
- detection/prevention systems, PAM, DLP and endpoint protection solutions.
- Hands-on experience in fintech ecosystem.
مهارتهای مورد نیاز
- Security
- soc
- مدیریت ریسک
- CISA
حداقل سابقه کار
- کمتر از سه سال
جنسیت
- مهم نیست
وضعیت نظام وظیفه
- معافیت دائم پایان خدمت