This is a governance role in the area of security compliance, where the biggest emphasis is on formal governance and documentation (it is not a strictly technical role in a practical sense, but it requires at least basic and theoretical technical knowledge).
responsibilities :
Assessing and approving selected scopes of change requests related to infrastructure, platforms and applications from the security compliance perspective (e.g., firewall openings, proxy and email whitelisting, AD group membership)
Ensuring clear communication and a satisfactory experience for stakeholders
Representing the team and providing relevant stakeholders with a better understanding of security requirements to raise awareness of IT security matters
Interpreting the company’s information security standards/guidelines and translating them into actionable technical security requirements implemented in production systems to enhance overall security
Analyzing existing documentation (both procedural and architectural)
Verifying registered issues and risk coverage in the context of the company’s risk management processes and information security guidelines
Cooperating with and gathering information from internal stakeholders (Chief Security Office, Security Architecture, Application Owners/Providers/Managers, etc.) as part of the decision-making process
requirements-expected :
Basic understanding of IP networks, protocols, firewalls and proxies
Very good business and technical English (both written and spoken), due to a high level of communication and internal stakeholder management in daily operations
Ability to analyze documentation
Experience in operational-type work/tasks (including Change Management processes and tools/ticketing systems)
Ability to gather information from different sources and connect the dots
