Lead Specialist of the GRC (Governance, Risk, and Compliance) Department in Information Security

Education with a bachelor's or master's degree in Information Security, Cybersecurity, Computer Science or related fields; Fundamental IT knowledge is essential; Understanding of information security principles and international practices; Familiarity with security frameworks and standards like ISO 27001, NIST, and PCI-DSS is desirable. At least 3 years of work experience in the field of information security; Audit experience in functional IT divisions; Technical experience in compliance checks for information security; Ability to write scripts for the automation of compliance processes; Knowledge or experience in the preparation of Threat Modeling processes; Basic knowledge or experience in incident management is desirable. Experience or knowledge related to the implementation of systems ensuring the security of IT infrastructure (DLP, PAM, MDM, MAM, Mail Security, System/Network Security, etc.) is desirable. Experience or knowledge in the implementation and configuration of an application-level security firewall (Cloud WAF is preferable) is desirable. High level of communication skills in Azerbaijani; High level of communication skills in English or Russian; Initial knowledge or experience in conducting awareness simulations or trainings in the information security area for human resources; Strong analytical thinking and problem-solving skills; Ability to work independently and as part of a team.