IT Security Specialist at iSignthis Ltd (ASX : ISX)
Job description
iSignthis Ltd is an Australian Securities Exchange (ASX) listed company, soon to commence eMoney services, in addition to our eKYC identity services.
We are looking for an Information Security, Risk and Compliance specialist. In this role you will be responsible for the design and implementation of the IT risk management framework and the procedures for its upkeep, and for ensuring that risk policies, procedures, and processes are aligned to business needs and maintain compliance with PCI, card scheme, ISO27001 and Eurosystem requirements.
You will be defining policies and procedures for internal purposes and external regulators and making sure they complement both internal and external perspectives.
The successful candidate will have excellent English and skills in at least one other EU language, high-level communication skills, strong experience in handling IT Risk/Security matters, and experience interfacing with external parties.
Policies & Procedures
Consult with management in developing, documenting and managing information security policies, standards and guidelines for the group, based on existing policies and procedures.
Including but not limited to:
Disaster recovery plan;
Cybersecurity risk assessment;
New supplier compliance checklists;
Staff hardware and software usage policies;
Regular security reports LAN virus control and IP Perimeter Security; and
Procedures for review and documentation of internal and external audit processes.
Review of existing systems and processes
Review the compliance state of all service delivery vendors.
Certify existing and new systems comply with information security policies and standards including audit of third-party environments.
Provide action list/recommendations to bring systems and controls up to required standards.
Conduct security risk assessments for existing and new business applications, infrastructure designs and IT projects.
Ensure the administration of security hardware and environments through the practice of split knowledge and dual control.
Environments to include HSMs, Firewalls, Security Events logging and monitoring, data leakage solution, virus detection systems, Intrusion detection systems, etc.
Vendor selection, Partner and Alliancing assessment
Responsible for the selection/recommendation of:
Disaster recovery requirements; and
IT compliance external auditors.
PEN Testers
Audit and review
Prepare and review registers of exemptions and exceptions, ensuring adherence to all policies.
Ensure appropriate audit controls are in place for all systems.
Assess effectiveness of internal controls over key IT risks including data integrity.
Assess risks associated with policy exemptions and non-compliance
Training
Ensure all staff are appropriately informed of security practices, policies and procedures through the development of security awareness training programs and/or publications
Experience
Experience working in the financial services sector
Ability to assist and improve network pen tests, server configuration review, firewall reviews, etc.
CISSP/CISA/CISM, CRISC, GIAC G2700 (or other certifications or tertiary education specifically related to Information Security)
Understanding of IT infrastructure and components
Experience with maintaining security around Linux, with Mac and AWS advantageous
How to Apply
Apply to [email protected] or via the LinkedIn process. Please ensure that you include a full CV.
Cyprus - Right to Work
You must have the right to legally reside and work in Cyprus or be an EU Citizen.
Employment is subject to a National Police check.
ISX Price at posting:
16.0¢ Sentiment: Buy Disclosure: Held