This is a governance role in the area of security compliance, where the biggest emphasis is on formal governance and documentation (it is not a strictly technical role in a practical sense, but it requires at least basic and theoretical technical knowledge).

Security Approvals - network related change requests assessor

Your responsibilities

• Assessing and approving selected scopes of change requests related to infrastructure, platforms and applications from the security compliance perspective (e.g., firewall openings, proxy and email whitelisting, AD group membership)
• Ensuring clear communication and a satisfactory experience for stakeholders
• Representing the team and providing relevant stakeholders with a better understanding of security requirements to raise awareness of IT security matters
• Interpreting the company’s information security standards/guidelines and translating them into actionable technical security requirements implemented in production systems to enhance overall security
• Analyzing existing documentation (both procedural and architectural)
• Verifying registered issues and risk coverage in the context of the company’s risk management processes and information security guidelines
• Cooperating with and gathering information from internal stakeholders (Chief Security Office, Security Architecture, Application Owners/Providers/Managers, etc.) as part of the decision-making process

Our requirements

• Basic understanding of IP networks, protocols, firewalls and proxies
• Very good business and technical English (both written and spoken), due to a high level of communication and internal stakeholder management in daily operations
• Ability to analyze documentation
• Experience in operational-type work/tasks (including Change Management processes and tools/ticketing systems)
• Ability to gather information from different sources and connect the dots
• Resilience and assertiveness
• Understanding of Risk Management Framework
• Experience/understanding of information security-related policies, documentation, procedures, industry standards and best practices