Secure SDLC Program Lead

NESS KDC, s.r.o.

Place of work
Business Center Moldavská, Moldavská cesta 10/B, Slovak Republic
Contract type
full-time
Start date
ASAP

Information about the position

Job description, responsibilities and duties

The client of Ness KDC is a growing and evolving organization, developing and deploying innovative and robust technology solutions for remotely assessing turbomachinery equipment condition. The function is charged with protecting the software products by managing its governance, compliance, risk management, vendor/partner audits and assessments, end user awareness, security monitoring/reporting and incident response.
We are looking for an IT Security specialist who will be part of a dispersed team providing advisory services to the rest of the organisation on IT Security at domain level. Place of work: anywhere.

Responsibilities

Act as Program Lead regarding the end-to-end secure SDLC and focus on information security related projects in collaboration with business partners within the organisation in the following information security domains, including:

Information security management
Risk management
Secure application development
Secure testing
Vulnerability management
IT assurance
Incident response
Network security
Security architectures
Identity management and access control
Disaster Recovery & Business Continuity
Cyber Security


Tasks

Support development and maintenance of security requirements
Support the organisation’s risk culture
Support secure design architecture by development and integration of a risk management program in existing process flow (e.g. risk register, gate reviews, security testing), using Rally software product
Support the set up and maintenance of a security, training, awareness and communications program
Support the governance and operating model
Maintain policies and standards for Secure SDLC process
Support development of management reporting and compliance program (including setting up of Key Performance Indicators)
Support secure coding and testing practices
Development of security testing protocols in collaboration with application development and network operations teams
Support secure deployment and hypercare of the team’s software
Support application security administration
Support secure configuration and change management process
Work with security industry standards (ISO 270xx, COBIT, OWASP, NIST, etc.).
Work with application development teams, network operations team and other stakeholders to implement controls to mitigate current security threats that are proportionate to the risk, feasible to implement, possible to measure, mapped to external requirements (e.g., laws/regulations), and of general applicability.
Keep up to date with information security technologies, trends, standards and best practices.
Write business and technical reports and develop presentations.
Support IT assurance activities (e.g. penetration testing)
Demonstrate knowledge in some areas of industry or functional specialty (i.e. SCADA, Critical Infrastructure).
Able to work flexible hours to enable contact with U.S.

Employee perks, benefits

Language courses
Technical courses, Certifications
Soft skills training
Purchasing of professional literature
Commercial partners discounts
Favourable terms for bank products
Home Office
Extra Vacation days
Sickness days
Ness Summer club – full-day summer program for children of our employees
Referral Fee - employee referral for onboarding a new employee
Diners club credit card
High-standard working conditions

Requirements for the employee

Candidates with the following education suit the position

University education (Master's degree)

Language skills

English - Intermediate (B1)

Personality requirements and skills

Required

Minimum of three years’ experience in IT security related disciplines.
3+ years working in the information security field (specifically in information risk management).
Good understanding of security relevant industry standards and good practice, such as ISO 270xx series, COBIT, OWASP, etc.
Demonstrated ability to write business and technical reports and to participate in presentations.
Experience with application development is a plus.
Experience with technical solutions in the area of information security is a plus
Ability to take a broad view of his/her position and take initiative to communicate, interact, and cooperate with others to ensure that all aspects of a task are addressed.
Strong technical and analytical skills.
Strong team player.
Customer service and process focused.
Strong written and verbal communication and collaboration skills.
Experience in client facing consulting is a plus.
Working with Agile methodology is a plus
JavaScript, Java, Python, .Net
Continuous integration process
Relevant Bachelor’s degree in information technology or equivalent experience. Post-graduate work in a related field is considered a plus.
CISSP, CISM, SOGP or any other security certifications are preferable.
Project management certification is considered a plus.
Excellent oral and written communication skills in English (an additional language e.g., Italian is a plus).

Advertiser

Brief description of the company

NESS KDC, Ltd. (Ness Development Center Košice), opened in 2005, is the first successful independent base of the European strategy of Ness in the area of software engineering. The Research and Development Center in Košice is part of the global delivery organisation Ness Technologies, which, thanks to the successful SPL (Software Product Lab), is among the worldwide leaders in the area.

NESS KDC, Ltd. achieves strategic goals worldwide through a combination of the services it provides. These include, for example, design and development of solutions, product testing, ensuring and maintaining their quality, implementation of new solutions, technical support of extensive applications, project management and many more.


http://www.nesskdc.sk

Number of employees

250-499 employees
ID: 2252908  Date published: 13.10.2015