Description

We are looking for an intern for the cybersecurity risk assessment team.

Responsibilities

• processing cybersecurity risk assessment requests, checking the correctness of filling out all mandatory fields
• studying the subject area based on received requests, identifying assets and risk owners, recording the obtained detailed description of the assessment scope for current and planned states
• clarifying the completeness and correctness of the assessment scope, making necessary additions to the assessment scope
• calculating risk rating and level, forming and coordinating an expert conclusion based on the assessment results
• sending conclusions to customers based on the assessment results, containing information on risk level and risk treatment options
• recording in the risk register data on the risk owner, information on the risk treatment option, mitigation plan activities with deadlines
• participating in improving cybersecurity risk management processes, including document development.

Requirements

• education in the field of "Information Security": studying in the final years of the specialty
• knowledge of the risk management process, information security risk assessment methodologies, main regulatory requirements in the field of information security
• general knowledge of products and solutions in the field of information security: antivirus protection, access control protection, network firewalling, intrusion detection, virtualization protection, EMM solutions, etc.
• understanding of the basics of building an information security risk management system in accordance with ISO 27005
• competent speech, ability to correctly express one's thoughts orally and in writing.

Conditions

• comfortable modern office
• on-site work format
• corporate gym and relaxation areas
• more than 400 educational programs from SberUniversity for professional and career development
• opportunity to gain experience in the country's largest bank.