Information Security Consultant

Summary

Join ELEKS as an Information Security Consultant in Ukraine and contribute to a team of experts in a dynamic and supportive environment. You will assist a client with ISMS activities, including policy updates, risk assessments, and ISO27001/SOC2 certification audits. The role requires implementing new information security solutions and collaborating with various departments. You will leverage your expertise in security frameworks, standards, and technologies. This position offers challenging tasks and opportunities for professional development within a team of professionals.

Requirements

• At least 1 year of proven experience as an Information Security Consultant or similar role
• In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, SOC2, NIST, GDPR)
• Proficiency in security tools and technologies, such as firewalls, XDR, IDS/IPS, SIEM, etc
• Experience in writing IS policies and technical documentation
• Knowledge of Disaster Recovery / Business Continuity Planning
• Bachelor’s/master’s degree in information security or similar
• English – upper-intermediate (spoken and written)

Responsibilities

• Develop, implement and periodically review IS policies, procedures, and protocols
• Respond to client ISMS-related requests for information
• Perform comprehensive security assessments to identify potential risks and vulnerabilities. Specifically, conduct periodical risk assessments of 3rd parties and software/hardware utilized by the organization
• Configure and maintain security solutions, including firewalls, data leakage prevention (DLP), extended detection and response (XDR),intrusion detection/prevention systems (IDS/IPS), etc
• Perform market research to assist with the selection of IS solutions
• Lead project for implementation of ISMS improvements, including implementation of new IS solutions
• Assist with analysis and response to security incidents and breaches
• Collaborate with IT and other departments to ensure security measures are integrated into all aspects of the organization's operations
• Provide expert advice and guidance on information security best practices and emerging threats
• Participate in the development of security awareness trainings and phishing exercises for employees
• Stay up to date with the latest security trends, technologies, and regulatory requirements
• Planning of internal and external audit activities, including certification audits (ISO27001/SOC2)
• Participate in audits by coordinating the collection of evidence and responses to audit requests
• Assist with definition, documentation, tracking and implementation of remediation activities for IS risks, issues and audit findings

Preferred Qualifications

• Relevant certifications such as CISSP, CISM, CISA, or equivalent are highly desirable
• Strong communication and interpersonal skills
• Excellent analytical and conceptual skills
• Critical thinking and problem-solving skills

Benefits

• Challenging tasks
• Competence development
• Team of professionals
• Dynamic environment with a low level of bureaucracy