Information Security Officer

Acest job nu mai este activ!

Vezi toate job-urile TotalSoft active.

Vezi toate job-urile Information Security Officer active pe

Vezi toate job-urile in IT Hardware active pe

Vezi toate job-urile in IT Software active pe

Angajator: TotalSoft
  • IT Hardware
  • IT Software
  • Tip job: full-time
    Nivel job: 1 - 5 ani experienta
  • Actualizat la: 28.04.2021
    Scurta descriere a companiei

    Established in 1994, TotalSoft is one of the most important providers of business software systems (ERP, HCM, CRM, DM and BI) in Central Europe.

    TotalSoft is the preferred ERP solutions provider in Romania and one of the top 10 global providers of software solutions for the leasing industry.TotalSoft’s top products, Charisma ERP, Charisma HCM are market leader products in Romania, with relevant references in 8 industries: financial services, retail, distribution, production, construction, agriculture, medical and services.

    Currently, TotalSoft has a team of +500 software specialists and projects in 45 countries on 4 continents.

    In autumn 2016, TotalSoft was acquired by Logo Business Investment S.A. (Logo), the largest independent software provider in Turkey. With over 35 years of experience, Logo is one of the fastest growing software companies, delivering innovative solutions and services through more than 800 partners. The company is present on 45 international markets serving over 90,000 customers in Europe, Middle East, Africa and Asia. Logo is the first publicly traded IT company in Turkey.

    For more information, please access:, and


    What you need to succeed:

    Understanding of IT Security Policies and Procedures, IT Security Standards
    (ISO 2700x family of standards), Regulations (GDPR, NIS), Frameworks (OWASP, NIST, etc.)
    Understanding Windows-based environments and products (Windows Server, SQL Server, IIS etc.)
    Understanding network components and configurations (Firewall, Router, Switch, VPN, IPS/IDS, Proxy, etc.)
    Understanding cloud deployment models (SaaS, PaaS, IaaS, private, public)
    Understanding overall Threats, Attacks, and Vulnerabilities (Social Engineering, Service Attacks, Cryptographic Attacks, Untrained Users, etc.)
    Understanding Identity and Access Management (AAA, SSO, RADIUS, Access control models, Permission auditing, etc.)
    Understanding Risk Management (Risk Assessments, Asset Management, Change Management, etc.)
    Understanding SDLC models and Application-specific Vulnerabilities (SQL injection, XSS, etc.)
    Understanding Agreement types – NDA, DPA, SLA, etc.
    Understanding Disaster Recovery, Business Continuity, and BIA concepts
    Understanding basic concepts of Cryptography (Symmetric / Asymmetric algorithms, Cipher modes, Hashing, Cryptographic protocols, etc.)
    Understanding command-line tools (netstat, tcpdump / wireshark, nmap, netcat etc.) and vulnerability scanning tools (Nessus, Qualys, etc.) is a plus


    What you will do:

    Assess the overall security posture of an organization, identify potential risks and opportunities, propose measures to mitigate risks
    Work with IT Support Team to help implement and verify security measures: patch management, systems, and devices hardening, asset management, change management, network security
    Conduct vulnerability tests on various environments and create reports containing remediation plans
    Create and update: IT Security policies and procedures; IT Security awareness materials for users of the organization’s IT networks and systems
    Represent organization for ISO surveillance and recertification audits
    Prepare Disaster Recovery and Business Continuity Plans and conduct tabletop and functional tests
    Work with DPO and Legal Advisors to review various Clients’ contractual security requirements
    Work with Clients’ IT Security Officers to identify gaps and improvements on hosted systems provided to Clients (multi-layered Windows-based environments: Database, BI, Application, etc.)
    Provide answers and proofs to Clients’ security questionnaires or other external requested audits

    Alte informatii

    We offer a motivating package:

    Professional and friendly working environment
    Training and on-going development opportunities
    Exposure to challenging projects in various industries both local and international
    Private medical services
    Relaxation area.

    What recommends us?

    We do things with energy, passion, and curiosity, and we are backed by our culture of innovation. We offer a diversified range of activities in an international environment as well as a dynamic team with ambitious, yet realistic, objectives for the future, promoted by an open team and communication culture.

    Aplicand la acest anunt va exprimati acordul ca datele dvs. sa fie transmise si procesate de catre TotalSoft. Consultati Politica de procesare a datelor personale a TotalSoft >>