Position: Network & Cybersecurity (IT / Hardware & Software Development)

Job description of the leading information protection engineer of the technical department. 1. General provisions 1.1. The leading engineer organizes and conducts an audit of information security in automated systems of «CISP» and is responsible for the entire scope of information protection issues in automated systems of «CISP». Responsibilities: 2.1. Administration of information protection systems of automated systems and management of information protection in automated systems of «CISP». 2.2. Monitoring of information security and identification of security threats of information processed by automated systems of "CISP". 2.3. Audit of vulnerabilities of information security systems and detection of threats to automated systems of «CISP». 2.4. Development and implementation of organisational, administrative, technical and other measures to secure information in automated systems of «CISP» 3. Job responsibilities The leading engineer is obliged to: 3.1. Systematically analyze the security of automated information systems, as well as their components in order to identify potential vulnerabilities of information security of automated systems of «CISP». 3.2. Using the identified vulnerabilities of automated systems of «CISP», to identify the main threats to information security in the automated systems of «CISP». 3.3. Comprehensively apply the instrumental means of controlling the security of information in the automated systems of the «CISP». 3.4. Based on the analyzes carried out, the identified vulnerabilities of the system and the main threats of the protected information defined further to develop models of information security threats and models of the offender in the automated systems and security substems of the automated systems of «CISP». 3.5. Based on threat models: 3.5.1. participate in the design, modeling, research of automated systems and information security subsystems of automated systems of «CISP»: 3.5.2. to analyze and synthesize structural and functional schemes protected by automated information systems of «CISP»: 3.5.3. to justify the criteria for the effectiveness of the functioning of protected automated information systems; 3.5.4. to develop draft regulatory documents regulating the work on information security, as well as to develop proposals for improving the information security management system in the automated systems of «CISP»; 3.5.5. use available technical, software and software and hardware means of information security in automated systems of «CISP». 3.6. Systematically improve the level of their professional knowledge and skills necessary for the proper performance of official duties.