We need your expertise if
- You've got a proven track record of getting a company certified under ISO 27001
- You've got experience in an international company
- You're fluent in English

- You have ISO 27001 Internal Auditor or Lead Auditor certification.
- You have 4+ years of experience in information security risk assessment, compliance, or security operations, at least 2 of them in an international company.
- You have extensive experience with relevant security regulations, standards, and frameworks, including ISO 27001 and GDPR.
- You have a proven track record of internal and external IT security audits, and have led and successfully completed ISO 27001 certifications, bringing the certificate to the company.
- You have developed information security policies, set up an ISMS and guidelines, implemented CIS20, and derived security requirements from them.
- You understand access modelling, are able to develop access models and assess them. You understand segregation of duties
- You have experience with IAM & SSO solutions, understand the purpose and approaches of IAM, and know its key tasks: identify, authenticate, and authorize
- You have good knowledge of risk management, its purpose and approaches, and are able to evaluate risks and create a risk management plan
- You understand OWASP Top 10 and are able to describe vulnerabilities, ways of exploitation, and fix methods
- You have a deep understanding of vulnerability & patch management and have implemented it. You know vulnerability scanners and are able to validate scan results and provide recommendations
- You are able to develop and conduct security trainings and workshops
- You are fluent in English
- You have good communication skills and are responsible, proactive, self-organized, and eager to learn
- Experience in AWS security would be a plus

- Conduct internal security audits, create an action plan & practical roadmap based on the audit results
- Develop and enhance an information security management framework to ensure business sustainability
- Build and maintain compliance guidelines. Create policies and standards for IT security and compliance
- Conduct general IT security awareness training for the company staff
- Evaluate and manage corporate risks related to IT security
- Build and maintain application-specific threat models, explicitly apply security principles to design
- Participate in the corporate certification and compliance activities
- Design and implement security architecture and detailed cybersecurity designs together with IT and software development departments
- Prepare and document standard operating procedures and protocols
- Cooperate with Finance and Legal, Sales & Marketing, and Product Management on all security-related topics (audits, contractual compliance, reviews, risk assessments, etc.)
- Keep up to date with developments in IT security standards and threats

Why kasko2go?
We focus on YOU:
- Your Development: 50% compensation of approved professional courses
- Your Resource: 20 business days of vacation
- Your Comfort: cozy office downtown
- Great team and product that benefits people

About kasko2go

Swiss fintech startup, offering PAYD and PHYD insurance underwritten by partner insurers

Job posted on 16 July 2021