Information Security Lead / ИБ (International Food Company)
JFL Consulting · зарплата не указана · Москва · HH · опубликовано 27 апреля 2026 г.
Описание вакансии
The Role:
• Act as the local owner of Cybersecurity Governance, Risk & Compliance (GRC) and Security Operations (SecOps) for the Russian organization.
• Ensure that the Russian IT landscape remains secure, compliant with local regulations (including 152-FZ), and fully aligned with the Group’s global security framework (ISO 27001, NIST).
• Lead local risk management activities: conduct regular risk assessments, maintain the risk register, define mitigation plans, and ensure visibility of key risks to management.
• Oversee regional security operations in coordination with global SOC and external providers, ensuring effective monitoring, incident response, vulnerability management, and post-incident reviews.
• Ensure robust implementation and monitoring of security controls across network, endpoint, identity, and cloud environments, supporting the ongoing IT infrastructure transformation.
• Drive audit readiness, compliance reporting, and documentation management using GRC tools and structured reporting processes.
• Promote a strong security culture through awareness initiatives, training programs, and close collaboration with IT and business stakeholders.
• Act as the main interface between Russia IT and global Security teams, ensuring integration of security requirements into all local IT projects and strategic initiatives.
The Candidate:
• Higher education in Information Security, IT, or a related field. Relevant certifications (CISSP, CISM, CRISC, etc.) are a strong advantage.
• 5+ years of experience in cybersecurity with exposure to governance, risk management, compliance, and security operations in an international environment.
• Strong knowledge of ISO 27001 / NIST frameworks and Russian cybersecurity & data protection regulations.
• Solid understanding of network, endpoint, cloud (Azure), identity & access management, and incident response domains.
• Autonomous, analytical, and structured, with the ability to influence stakeholders and operate effectively in a matrix organization. High level of integrity and ownership.
• English