IT Security Manager

Responsibilities

Development and implementation of Information Security management system:

• Adaptation, development, and maintenance of information security policies, procedures, and standards in accordance with Russian legislation and Global Headquarters requirements (including personal data protection).
• Organization and control of compliance with internal regulatory acts, as well as Russian Federation legislation in the field of information security (compliance).
• Performing activities to increase the maturity level of the company's information security processes.

Operational Information Security management and Infrastructure protection:

• Performing regular monitoring and auditing of systems (including interaction with external and global auditors) to identify deviations and potential threats.
• Implementation of measures to improve the security level of IT infrastructure and information systems.
• Coordination of configuration and maintenance efforts for antivirus tools, firewalls, and intrusion prevention systems.
• Management and control of user access to information systems and resources, including external contractors.

Information Security project activities and expertise:

• Conducting information security expertise for new IT projects, initiatives, and changes.
• Management of projects aimed at improving the Information Security level.

Incident Response and Investigation:

• Monitoring, detection, response, and investigation of information security incidents.

Security Culture development:

• Development and delivery of security awareness activities for employees on information security fundamentals.
• Close collaboration with the global information security team on solution management and implementation of corporate standards.

IT projects and Infrastructure management:

• Participation in the planning and implementation of IT projects related to the improvement of the company's internal and external services.
• Communication with business units on IT matters.
• Completion of direct tasks assigned by the line manager (IT Manager).

Requirements

• Degree in Computer Science, Information Security, or a related field
• 3+ years of proven experience in Information Security management
• Solid knowledge of Russian information security legislation and compliance requirements (e.g., Federal Law No. 152-FZ "On Personal Data", FSTEC, FSB orders)
• Hands-on experience with configuring and managing security controls: firewalls(Checkpoint/Fortigate/Cisco ASA), antivirus/EDR (Kaspersky/Symantec/CrowdStrike), IDS/IPS(FMC/Checkpoint/Suricata) , SIEM systems (Kaspersky), and access management systems
• Practical experience in conducting risk assessments, vulnerability management, and security audits
• Experience in participating in IT projects from initiation to implementation, with an understanding of project management methodologies
• Professional certifications are a strong plus

Conditions

• Work in one of the largest international companies
• Official employment, compliance with the Labor Code of the Russian Federation
• Voluntary medical insurance policy (extended with dentistry), life and accident insurance
• Paid sick leave up to 100% of salary
• Meal compensation
• Fitness compensation
• Five-day work week (hybrid work format: one day a week remotely)
• Office in the center of Moscow (7 minutes from Paveletskaya or Serpukhovskaya metro stations)