IT Risk Consultant
Istanbul, Turkey
Company Description
Since 1998, Lostar is the leading Information Security firm, with more than 1000 projects.Its main services are; Information Security Checkups such as Internet-Intranet Penetration Tests, Gap Analysis of world wide best practices like COBIT, ISO 27001, ISO 22301 and ISO 20000, related consultancy and data protection projects and also Employee Security Awareness Methodology trainings.
Lostar consultants, who are well trained and experienced, create the optimal-cost solutions for their customers with paying attention to technical and commercial needs.
Roots in Turkey, Lostar has 3 offices in 3 different cities such as Istanbul, London and Sakarya.
We work with the best to create the best service and value for our clients.
For latest news and updates please follow us on:
- Linkedin: Lostar
- Instagram: LostarInfoSec
- Twitter (TR): Lostar
- Twitter (EN): Lostar_EN
- YouTube: LostarTV
- Facebook: Lostar
- Facebook (Jobs): LostarKariyer
- English: https://lostar.com
- Turkish: https://lostar.com.tr
Job Description
· Providing expert guidance to IT and Information Security colleagues on the identification, analysis, evaluation and treatment of information security risks.
· Drive and support information risk reduction activities via engagement with key stakeholders and insights from internal and external cyber intelligence sources.
· Drive and support the adoption of a leading Information Security Risk Management framework in PMI and contribute to the continuous improvement of the risk management practice.
· Support reviews of systems and services for compliance with Company requirements in the areas of information security and information management.
· Presenting clearly and adapting to different audiences (technical and business), synthesize feedback from the field in a way that makes sense to senior leaders. Being able to drive data driven discussions.
· Advisory over activities to be done throughout the project and during systems development and implementation for good information protection and audit preparedness of the implemented solution.
· Coordinate Company practices for management of electronic and hard copy records
· Conducting information security risk management trainings and awareness campaigns.
· Partnering with other Information Security teams to continuously improve the overall information security risk exposure and achieve higher levels of information security maturity.
Qualifications
· Minimum 3 or more years of experience in implementing and maintaining a risk management framework in a modern IT environment (e.g., with cloud computing, big data, DevOps, identity & access management, personal data protection, IT systems controls and data leakage prevention solutions).
· Good understanding of IT risk management frameworks and methodologies (e.g., NIST RMF, ISO 27005).
· Deep knowledge of industry and regulatory requirements (e.g., SOX, GDPR, PCI-DSS).
· Professional certifications related to information security risk management (e.g., CRISC, ISO 27005 Risk Manager), would be an asset.
· Solid knowledge of ITIL processes, project management incl. Agile methodologies
· Strong interpersonal, verbal and written communication skills. Fluency in written and spoken English
Tags: Agile Big Data Cloud COBIT Compliance CRISC DevOps GDPR ISO 22301 ISO 27001 ISO 27005 ITIL NIST Risk management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs