5977 Cybersecurity Risk Analyst
Atyrau, Kazakhstan
Job Reference 1251068
Location Atyrau, Kazakhstan
Industry Oil & Gas - Onshore Oil
Function IT & Telecoms
Job Type Contract
Date Added November 8, 2024
Airswift (Air Energi Caspian LLP) is currently looking for a Cybersecurity Risk Analyst (for KZ passport holders) for one of our large project in Atyrau, 5\2. We are looking for candidates with the drive and commitment to make a genuine difference to our performance to ensure that the company continues to differentiate itself from competitors by delivering quality service to our client’s requirements.
Job description:
• Perform implementation, execution and validation of security program and operations activities related to protecting information and information systems from unauthorized access and use, provide assurance and mitigation actions from security threats.
• Develop a detailed action plan for fulfillment of set tasks
• Collect, summarize and structure the information
• Develop resolution options within the framework of professional duties
• Work independently with minimal supervision
• Assess his/her own strengths and weaknesses
• Make practical steps for personal development
• Share his/her work experience and information with colleagues for achievement of corporate goals
• Express his/her thoughts clearly and in structured manner both in written and verbal form
• Performs routine and additional risk analyst duties to build deeper knowledge related to cyber risk management processes to ensure that the organization effectively secures of Company operations.
• Manages multiple assignments concurrently.
• Coordination of risk based execution plans and ensures adherence to compliance activities;
• Providing guidance on the use of the controls, engineering standards and security guardrails.
• Facilitation of risk assessments
• Utilization of existing procedures for handling cybersecurity incidents, participation in evaluating potential events to determine if they are real or false positives, and produces detailed security incident reporting that communicates monitoring and response findings;
• Leveraging defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within company assets to protect information, information systems, and networks from threats;
• Training others on procedures for handling cybersecurity incidents and development of customized remediation solutions based on unique cybersecurity incidents;
• Reporting cyber incidents and participation in incident investigation and resolution
• Coordination of external and internal assurance or advisory audits, throughout the lifecycle of the audit (planning through remediation) under guidance from Lead or more senior cybersecurity risk analysts.
• Interacts with internal parties. This includes meetings to conduct research, analyze available data and draw conclusions to independently identify issues and trends, partner with experts and others to solve analytical problems.
• Through daily work activities continues to learn about Company's business processes in their area of support responsibility
• Reports to Lead or higher grade Cybersecurity risk analyst or Cybersecurity Risk Manager
Job Specification and requirements:
• Citizenship of RoK
• Bachelor Degree or higher in Computer Science, Computer/Software Engineering, Information Systems, Information Security, Cybersecurity or relevant discipline is preferred. Or in lieu of technical degree at least 2 year of relevant IT experience is required.
• At least 1 years of experience in Information Technology, the Information Risk Management area, Cybersecurity, or other relevant fields required
• Knowledge of key IT principles and technologies
• Knowledge of foundational cybersecurity and Information risk management and basics of process management and improvement, service management
• Advanced knowledge of English and Russian, with intermediate proficiency in Kazakh (preferred).
• Confident user of MS Office (Excel, Word, PowerPoint)
• Certification on Cybersecurity domain, familiarity with Agile/SAFe will be considered as an advantage.