Ciklum is a Software Engineering and Solutions Company. Our 3,000+ IT professionals are located in the offices and delivery centres in Ukraine, Belarus, Poland and Spain.
As Ciklum employee, you'll have the unique possibility to communicate directly with the client when working in Extended Teams. Besides, Ciklum is the place to make your tech ideas tangible. The Vital Signs Monitor for the Children’s Cardiac Center as well as Smart Defibrillator, the winner of the US IoT World Hackathon, are among the cool things Ciklumers have developed.
Ciklum is a technology partner for Google, Intel, Micron, and hundreds of world-known companies. We are looking forward to seeing you as a part of our team!
On behalf of Ciklum Digital, Ciklum is looking for a Middle Security Engineer to join our Kyiv team on a full-time basis.
Reporting into the Head of Cyber Security. Cyber Security Blue team Middle Engineer is responsible for defining, developing and implementing Information Security controls in Clients’ environments. He is responsible for implementing information security management systems according to well established frameworks. He establishes information security operations procedures in the clients from scratch.
About Quality Engineering Team:
Quality Engineering Center of Excellence is an international award-winning Quality Engineering department that has rapidly evolved over the past 7 years to become a mature Quality Engineering service provider with 250+ professionals working in 7 main directions: QA Consulting and Management, DevOps, Manual, Automation, Support, Performance, Cyber Security and Robotic Process Automation.
Our main principles are:
- People are over processes and hierarchy
- Flat and open collaboration/communication increases creativity and brings more value to business
- Investing in people and innovations ensures your future
- Reuse and share your experience – Develop best practices, publicize and follow them
Quality Engineering is an optimal environment for your professional involvement and growth.
- Perform the creation, maintenance and management of the information security management system
- Implement security controls taking into account various stakeholders requirements
- Provides justification of controls selected based on the comparison of alternatives
- Work with key business stakeholders from the Clients to ensure a fit for purpose information security strategy and program is established and maintained
- Provides guidance in defining necessary security requirements
- Develops secure solution architectures
- Collects and arrange non-functional requirements, including security requirements
- Perform vulnerability assessment and participation in penetration testing activities on time to time basis
- Perform evaluation of security risks, define and implement technical controls
- Describe security findings into formal security assessment report
- Conduct security trainings for various stakeholders on software development projects
- Handle communication with client’s technical and business personnel in efficient way
- Contribute to security administration processes and operating documentation for security tools
- Creates PoC for the security tool evaluation and selection
- Investigate security breaches according to established procedures and suggest mitigation options to avoid these breaches in the future
- Acts as a main point of contact for gathering security requirements and review of system architectures from a security standpoint
- Bachelor of Science degree in Computer Science or related field
- 5 years of relevant work experience in Information Security area
- 2 years of experience with Information security management systems
- Demonstration of strong knowledge in several technical areas related to cyber security
- Maintenance of overall generic knowledge in cyber security topics
- Holding Information Security certification: CISSP
- Relevant work experience in software development
- IT audit certification: CISA
- Information Security management certification: CISM
- Work experience with vulnerability scanners, IDS/IPS, firewalls, SIEM solutions, cloud security tools
- ISO 27001 Lead Auditor or equivalent certification is a plus
- Ability to handle large amounts of unstructured data
- Ability to clarify and follow main priorities on the project
- Ability to think and search for solution without supervision
- Good written and verbal communication skills
- Ability to provide quality documentation
- Accountability and delivering on commitments
What's in it for you
- Dynamic and challenging tasks
- Ability to influence project technologies
- Team of professionals: learn from colleagues and gain recognition of your skills
- Fast professional growth
Client video presentation