On the 16th of September Symphony Solutions hosted OWASP Ukraine meetup 2016 Lviv. It is a secu...19 September 2016
This Vacancy is currently inactive. However, should you wish to send your CV for consideration, please use the form below and when the position becomes active again, we will notify you.
Symphony Solutions – Why So Special?
Symphony Solutions is an international Dutch IT company with offices in Ukraine, Macedonia, and Poland. We have been on the market for more than 10 years already and preserve unique culture within all our locations.
At Symphony Solutions we have removed all possible barriers created by the traditional organization and embraced the organic principles and a high-degree of self-management. We believe that this kind of organization is the optimal environment to attract and retain the best talents, fully develop them and leverage their potential. As a result, we have achieved the highest retention of employees possible in our industry (currently there’s less than 3% unwanted turnover).
We have a unique employee selection process where colleagues choose colleagues. Such approach eliminates possible conflicts and ensures honest and transparent relationship with clients and within the team. Symphony Solutions is a company that strives to be the Best Price/Performance and the easiest to do business with.
Purpose of the Role
The ISO/DPO is responsible for developing and implementing strategies concerning the protection and legitimate exploitation of Symphony’s information assets and technologies. The ISO/DPO ensures Symphony’s compliance with relevant laws and regulations; manages the information risk and security management function; aligning the business objectives with the IT security policies.
- Bachelor's degree in Computer Science, Information Technology or related field
- Proven experience in IT security (5+ years);
- 2-5 years of experience in application development is a plus;
- Knowledge of the latest IT threat modelling methods;
- Experience in driving large-scale change programs is highly desirable;
- Experience of functioning into a team;
- Solid knowledge of SDLC from design, testing, deployment to post production and the different risk elements associated with each step;
- Experience in application security, vulnerability testing, system testing, and/or Agile lifecycle management;
- Good knowledge of ISO27001 standards and GDPR, to be able to prepare organization for an audit;
- Experience with ISMS;
- Leadership skills – capable of implementing IT security goals and issues; able to drive the IT security strategy forward by his recognized expertise;
- Team player; solid people management skills – providing direction, monitoring performance, motivating staff and building a positive working environment;
- Ability to adapt to a fast-moving IT landscape and keep pace with latest thinking and new security technologies;
- Analytical mind capable of managing numerous information sources and providing data analysis reports to management;
- Strong customer focus – able to meet the demands of mainly internal customers;
- Excellent communication and presentation skills – providing verbal and written communication to both management as well as other stakeholders;
- Flexible and adaptable – capable of changing direction where required and showing flexibility to meet new demands;
- Can make decisions that are well informed and timely;
- Creative thinking – able to look at alternatives and consider new ways of thinking to problem solve;
- Multi-tasking – can manage several concurrent projects and prioritize demands;
- Work with senior management to ensure IT security protection policies are being implemented, reviewed, maintained and governed effectively;
- Ensuring compliance with GDPR;
- Security point of contact for all issues;
- Security training and awareness of the staff in the Symphony group;
- Implementing an effective reporting of security incidents;
- Handling security incidents, triggering and overseeing investigations of reported security breaches, suggesting how to remedy and avoid these incidents;
- Performing IT security risk assessments, communicating with key stakeholders about IT security threats and suggesting ways to minimize these;
- Monitoring security vulnerabilities and cyber-hacking threats in the network and host systems;
- Tracking latest IT and cyber security innovations, strategies and technologies, lead security awareness and training initiatives in the organization;
- Managing security experts and advisors;
- Implementing business continuity plans and disaster recovery plans;
- Identity and access management;
- Conducting preventive security tests;
- Prepare financial forecasts for security operations and proper maintenance cover for security assets;
- To take care of all data protection processes including Personal Data of customers
- Friendly and highly professional teams;
- Competitive salary and compensation package;
- Career and professional growth;
- Regular (twice a year) performance reviews;
- Paid English classes;
- Casual Fridays, corporate events, birthday/wedding presents;
- Comfortable office facilities (kitchen, coffee machines, massage room, different trainings etc.);
- Clubs of interests (travel & bicycle club, symphony cuisine, music band, choir);
- Sport activities (football team, yoga, fitness, stretching classes);
- Low hierarchy and open communication;
- The coolest office in Western Ukraine.