Senior Information Security Specialist

Salary: 280k - 300k net per month Format: Remote work from the Russian Federation. Company: Omega Solutions Project: Fintech

What we expect:

• 5+ years of experience in cyber risk management / information security risk management;
• Experience in the financial sector, telecom;
• Certifications: CRMA (Certified in Risk Management Assurance), CISSP, CISM, FAIR Risk Analyst;
• CRISC certificate (or in progress);
• Deep knowledge of FAIR, NIST, ISO 27001/27005, OCTAVE, COBIT;
• Understanding of modern cyber threats, MITRE ATT&CK, experience transforming technical risks into business metrics;
• Practice of quantitative risk assessment and scenario analysis;
• Knowledge of critical information infrastructure (CII) requirements, FSTEC, Central Bank of the Russian Federation, GDPR, PCI DSS;
• Experience with Excel, SQL, Power BI / Tableau;
• Communication skills with business and C-level executives;
• Experience with GRC platforms, Threat Intelligence and vulnerability management tools;
• Understanding of cyber insurance and information security economics (ROSI, cost-benefit analysis);
• Red Team / risk exercise experience;
• English for working with international frameworks and reporting.

Responsibilities:

• Cyber risk assessment and modeling;
• Development of risk treatment strategies;
• Integration of risk approaches into new products and processes;
• Analysis of incident consequences and adjustment of risk models;
• Preparation of reports and dashboards for business and management;
• Interaction with IT, audit, compliance, and external contractors;
• Monitoring the threat landscape and developing risk management processes.

Conditions

• Registration as an individual entrepreneur;
• Friendly atmosphere within the company;
• Development through real tasks, not formal courses;
• Opportunity to propose ideas and see them implemented;
• Flexible work schedule and remote work option;
• Payment for actual time worked;
• Participation in interesting projects without excessive micromanagement.

We are looking for a Cyber Risk Expert to help the business make strong and secure decisions.