Information Security Expert
EnduroSat
- София
- Permanent
- Full-time
- Develop and implement comprehensive cybersecurity strategies, policies, and procedures to safeguard company assets.
- Ensure compliance with the regulations and standards (e.g., ISO 27001, GDPR, SOC 2) and oversee the certification processes.
- Manage Security Operations Center (SOC) activities, including threat monitoring, incident response, and vulnerability management.
- Implement and manage security monitoring tools and technologies to detect and respond to security incidents proactively.
- Enhance application security by conducting code reviews, vulnerability assessments, and secure development training.
- Oversee cloud security initiatives, including configuration management, access controls, and data protection in cloud environments (AWS preferable).
- Implement and maintain network security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), and web application firewalls (WAF).
- Conduct security awareness training programs and simulated phishing campaigns to educate employees about cybersecurity best practices.
- Implement and manage endpoint security solutions, including antivirus, endpoint detection and response (EDR).
- Collaborate with cross-functional teams to integrate security best practices into business processes and applications.
- Lead incident response efforts and coordinate with internal teams and external partners during security incidents.
- A degree in Computer Science, Information Security, or related field (Masters degree preferred).
- Proven experience (5+ years) in a senior cybersecurity role, such as CISO, ISO, Security Specialist, or similar.
- Strong understanding of compliance frameworks and standards (ISO 27001, NIST, SOC 2, GDPR).
- Experience managing SOC operations, including threat detection, incident response, and forensic investigations.
- Proficiency in security monitoring tools such as SIEM, IDS/IPS, and log management platforms.
- Deep knowledge of application security principles, secure coding practices, and vulnerability assessment tools.
- Hands-on experience with cloud security technologies and best practices.
- Expertise in network security, including firewalls, VPNs, and secure network design.
- Familiarity with Microsoft Active Directory (AD) and Office 365 security configurations.
- Experience implementing and managing web application firewalls (WAF) and endpoint security solutions.
- Strong leadership and communication skills, with the ability to influence stakeholders at all levels.
- Relevant certifications (CISSP, CISM, CISA, etc.) are highly desirable.
- Be open to knowledge-sharing.
- Understand the importance of last-mile delivery.
- Be a quick learner, proactive, self-starter.
- Have excellent communication skills and a positive attitude.
- Be passionate about space.