About Kuna Originating from Ukraine as a pioneering one-man over-the-counter (OTC) project in 2014, KUNA has evolved over the last decade into the oldest and continuously operating crypto business from Eastern Europe. KUNA is a leading crypto banking platform encompassing KUNA Pay, KUNA.io, and KUNA Core.
4 березня 2024

СІSO (вакансія неактивна)

за кордоном

A group of fintech projects that builds and improves the world’s infrastructure using blockchain technology. We are a new-generation cryptocurrency financial service and crypto banking for businesses and individuals that allows you to buy, sell, hold and convert, and accept or make crypto payments in both fiat and cryptocurrency reliably and without borders.

Our plans as a company
To make cryptocurrency an alternative finance infrastructure.

Role in the project
We are looking for an experienced CISO in Europe for organizational strategic decision-making, system implementations, and the adoption of new processes and procedures improving the security and robustness of our organizations infrastructure, IT projects and associated systems.

Tools which we use:
Jira + Confluence
Slack + Telegram
G Suit

Required skills:
— Minimum of 3 to 5 years of experience in a combination of risk management, information security and IT jobs
— Professional security management certification
— Good understanding of all current legislation and regulations pertaining to our organization
— Successful track record of effective coordination, prioritization, collaboration, organization and project delivery
— Experience in financial forecasting and budget allocation
— Knowledge of relevant IT Security related hardware, software and vendor solutions
— An overall understanding of the scripting and source code programming languages, such as C#, C++, .NET, Java, Perl, PHP, Python or Ruby On Rails etc. that your teams will be using
— Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
— Practical experience of computer operating systems such as MS Windows, UNIX/Linux
— Deep thinking analytical mind with the ability to quickly get to the root cause of issues
— You will need to be organized, efficient and able to work unsupervised under your own initiative
— Excellent written and verbal communication skills and high level of personal integrity
— Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
— Experience with contract and vendor negotiations and management including managed services.
— Experience with Cloud computing/Elastic computing across virtualized environments.
— Familiarity with industry security standards including NIST, ISO, SANS, COBIT, CERT, PCI DSS
— Significant experience with business management and a working knowledge of information security risk management and cybersecurity technologies and strategy
— Strong understanding and experience with Secure SDLC and DevSecOps or security automation
— Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Ethical Hacker (CEH), or similar

It will be a plus:
Experience in fintech and blockchain.

Responsibilities:
— Definition, Scoping, Creation and execution of IT and Data Security strategies enhancing the reliability and security of the IT systems, projects and underlying data at our company.
— Overseeing managers and teams that you are responsible for, allocating resources to ensure that staff deliver secure and robust IT solutions to any of the company’s identified and agreed requirements.
— Overseeing planning and execution of necessary vulnerability audits, penetration testing or forensic IT audits and investigations. Ensure that outputs improve our company’s IT Security.
— Liaise with senior level directors, the organisations board and other key stakeholders plus managers, programmers and IT Security risk-assessment staff under your remit.
— Oversee integration of new IT Systems Development with the organisations overall IT, Data and Information Security policies.
— Oversee staff training in all the latest security awareness skills, Check associated protocols, methodologies and procedures are implemented.
— Ensure compliance with any related legislation, such as the Data Protection Act, ISO standards or relevant government regulations.
— Plan budget allocations and associated financial forecasts relating to IT, Data and Information security.
— Liaise with and manage your partners, stakeholders, vendors, and third party service or solutions providers.
— Oversee projects, budgets and resources under your remit with a view to ensuring that our company gets a favorable return on its investments in staff, hardware, software and service providers.
— Provide information security cyber defense operations-related expertise across KUNA units.
— Formulate cyber defense center strategy in alignment with cybersecurity strategy.
— Ensure strategy is executed with given resources.
— Manage the Information Security Cyber Defense Operations section’s practices, operations, performance, and budget in line with the organizational requirements and strategic objectives.
— Manage the Cyber Security Incident Response, (event analysis, triage, incident handling and management, investigations and forensics).
— Motivate the Information Security Cyber Defense Operations section team and provide continuous guidance and mentorship in order to create a performance-driven culture.
— Manage the Cyber Threat Intelligence capability (data feed / IOC management, and technical and strategic intelligence).
— Lead the information security cyber defense operations practices to strengthen and optimize group capabilities.
— Oversee information security monitoring activities and ensure that the outsourced security monitoring services can properly monitor security events from all systems, devices, applications, databases and solutions.
— Oversee the escalation and follow-up activities related to information security incidents, breaches, and forensic investigations.
— Oversee the Attack Surface Reduction capability, including routine penetration testing, and vulnerability management activities.
— Manage the activities performed to scan for, analyze, and dispose of vulnerabilities.
— Oversee the acceptance, triaging, assignment, and disposition of critical events and security incidents.
— Oversee the testing and exercising of business continuity, disaster recovery, and incident management plans.
— Participate in root cause analysis, and action reports development for high-profile and high-impact information security incidents.
— Manage the Cyber Threat Intelligence unit capability by overseeing the collection and analysis of threat intelligence and validating the threat intelligence reports that will be shared with ADIB teams.
— Manage the Threat Defense Operations unit by reviewing the activities associated to threat hunting and detection logic creation and update.
— Manage the design and oversee the implementation of information security cyber defense operations technologies and rules to ensure that adequate alerts are generated and appropriate logs are recorded.
— Provide expertise to ITD to ensure SIEM configuration is aligned with the detection logic developed to address critical use cases.
— Manage the Attack Surface Reduction unit’s activities by overseeing how routine penetration testing, and vulnerability management activities are performed.
— Provide expertise for projects and initiatives related to cyber defense operations and ensure their planning and execution is aligned with the Information Security Cyber
— Defense Operations objectives and strategy.
— Ensure created use cases covers critical and high risk attacks and threats.
— Develop and maintain libraries for threats and vulnerabilities.

What this job will offer you:
We have a socially significant project, and we want to solve universal problems with payments;
We are ready to give you all the knowledge and training you need, and we are open to applying your knowledge and experience to succeed;
Medical insurance policy upon successful completion of the adaptation period.

Location
Europe
Office in Warsaw