HRus Partners (license number 414), on behalf of our client, a leading Telecoms Company, are seeking a highly skilled and experienced GRC Analyst.
Responsibilities:
- Establishes and maintains a corporate-wide information security management program to ensure that information assets are adequately protected
- Designs, implements and monitors a strategic, comprehensive enterprise information security strategy and IT risk management program
- Evaluates penetration test results, and oversees the implementation of the findings to ensure proper gaps closure
- Manages and executes regular vulnerability assessments across systems to ensure they are up to date.
- Oversees patch management over systems and ensures their implementation regularly
- Evaluates the IT threat landscape
- Devises policy and controls to reduce risk
- Leads auditing and compliance initiatives
- Balances security needs with the organization’s strategic business plan, identify risk factors, and determines solutions
- Plans and tests responses to security breaches, including any table discussions
- Conducts real-time analysis of immediate threats, and triage when something goes wrong
- Keeps abreast of developing security threats, and helps the board understand potential security problems that might arise from acquisitions or other big business moves
- Acts as the organization’s representative when dealing or pursuing the sources of network attacks and information theft Data loss and fraud prevention
- Ensures that the organization is adaptable to evolving compliance regulations
- Prevents and defends against information security attacks
- Provides leadership and clarity about importance of Information Security
- Establishes the right security and governance practice Documentation
- Understands and interacts with related disciplines through committees to ensure the consistent application of policies and standards across all technology projects, systems and services
- Demonstrates ability to visualize the total process and aids in locating problem areas using process mapping, quality improvement, and visualization tools to locate, quantify, and correct root causes of problems
Qualifications:
- University Degree in Computer Science, Information Technology, Management Information Systems, Computer & Communication Engineering or any relevant field
- ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISM, CEH or any professional security certification is needed
- Fluency in Greek and English
- Proficiency in Microsoft infrastructure & products
- Experienced in risk management, information security and IT
- Proven experience in building technology related strategies
- Solid foundation in Security Centric Tech such as: DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies, coding practices
- In-depth expertise in ethical hacking and threat modelling and intrusion detection/prevention protocols
- Thorough knowledge:
- Of security challenging systems including Penetration Testing and Vulnerability assessment
- Of systems including Servers, Switches, Routers, NAS Storage, SAN Storage
- In Data-center security facilities and practices
- In Disaster Recovery and Business Continuity Planning
- In security systems including Firewalls, IPS, WAF, SIEM, Antivirus, Malware protection and Anti-SPAM Engines
- General good database and database administration knowledge for MS-SQL and Oracle
- Experience with network topology and configuration (LAN, WAN, WLAN)
- Solid knowledge of electronic & site security issues, in data analysis, budgeting and business operations
- Ability to seek out vulnerabilities in IT infrastructures Overall experience: 7-10 years
- High level of personal integrity
- Outstanding communication, interpersonal and leadership skills
If you think that you could be a good fit for this position, apply directly through our website or send us your CV at careers@hruspartners.com