Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support information technology (IT) security goals and objectives and reduce overall organizational risk.
Advise senior management on risk levels and security posture.
Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
Communicate the value of information technology (IT) security throughout all levels of the organization stakeholders.
Ensure that security improvement actions are evaluated, validated, and implemented as required.
Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
Evaluate and approve development efforts to ensure that baseline security safeguards are appropriately installed.
Identify alternative information security strategies to address organizational security objective.
Identify information technology (IT) security program implications of new technologies or technology upgrades.
Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
Manage the monitoring of information security data sources to maintain organizational situational awareness.
Oversee the information security training and awareness program.
Participate in an information security risk assessment during the Security Assessment and Authorization process.
Participate in the development or modification of the computer environment cybersecurity program plans and requirements.
Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
Recognize a possible security violation and take appropriate action to report the incident, as required.
Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
Track audit findings and recommendations to ensure that appropriate mitigation actions are taken.
Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals.
Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
Xüsusi tələblər
A bachelor`s degree in computer science, information security, or a related field; master`s degree is an advantage
8+ years of experience in application security, information risks, and developing security threat solutions; familiarity with regulatory requirements related to handling information, including Data Security Standards. Proficiency with firewalls, endpoint security, mobility management, and vulnerability scanning.
Language Skills: English, Azerbaijani and Russian (desirable).