We are looking for a new Head to bring more technical background and strategic thinking to the table. Some processes and tools are established, so you will be responsible for adjusting them and establishing new ones as the company and client requirements for InfoSec are growing.

• 3+ years of experience in SOC, information security management team, blue team or similar.
• 5+ years of experience in the IT industry.
• Team leadership experience is a great plus.
• Solid understanding of enterprise technologies and security tooling landscape.
• Deep understanding of security practices, like incident management, vulnerability management, etc.
• Knowledge of modern application architecture (microservices/cloud / asynchronous communication) and threat landscape.
• General knowledge of application vulnerabilities and related issues.
• Professional certifications, such as CISSP, CISM, and similar.
• At least Upper intermediate English level.

Skillsets:

• Ideally knowledge of cybersec tooling:

– Endpoint protection toolset (e.g. CrowdStrike, Defender, etc.)

– Familiarity with monitoring tools and SIEM solutions (e.g. QRadar, Azure Sentinel, etc.).

– Network and vulnerability scanners (e.g. Qualys, Rapid7, Nessus, etc.).

– Cloud experience (in particular Azure).

– Experience with BurpSuite is a big plus.

• Define the measures and processes to mitigate cybersecurity risks, including:

1) Monitor security events and alerts from multiple sources.

2) Analyze and investigate security incidents and events to determine the root cause.

3) Conduct risk assessments to identify vulnerabilities and potential threats.

4) Participate in incident response activities, including triage, containment, and remediation.

5) Develop and maintain security documentation, procedures, and guidelines.

6) Conduct vulnerability assessments and penetration testing.

7) Collaborate with other teams to ensure the organization’s systems and infrastructure security.

8) Coordinate internal and external audits.

• Participate in corporate-wide processes on behalf of the cybersecurity team, such as access provisioning, change management, awareness training, etc.
• Take the leading role in SIEM implementation project.
• Be responsible for cybersecurity tools administration.
  

• Annual paid vacation of 18 working days.
• Extra vacation days for long-lasting cooperation.
• Annual paid sick leave of 10 days.
• Maternity/Paternity leave.
• The opportunity for sabbatical leave.
• Marriage and Parenthood Package.
• Compensation for sports activities (up to 250$ per year) or health insurance covering (70%) — after the trial period.
• Internal education(corporate library).
• Career development plan.
• English and Spanish classes.
• Paying taxes and managing PE (Private Entrepreneur).
• Technical equipment.
• Internal Referral program.
• Opportunity to take part in company volunteering activities.
• Sombra is a “Friendly to Veterans” award-holder.