Abona is a German company that has been successfully presenting its own product on the market for 25 years — an ERP system that helps our clients to effectively manage the business processes of their enterprises. Now we are looking for IT Security Manager our Ukrainian team.Benefits of working with us: the opportunity to grow and develop among professionals informal atmosphere within the team loyal and motivating leadership European values in relation to employees working in a multinational environment Job Description: IT Security Manager is responsible for establishing and maintaining a corporate wide information security management program to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. IT Security Manager will proactively work with business units to implement practices that meet defined policies and standards for information security, especially ISO27001. Key responsibilities: Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program Develop, maintain and publish up-to-date information security policies, standards and guidelines Support information security governance through the implementation of an information security steering committee/advisory board Develop and manage information security budgets and monitor them for variances Create and manage information security awareness training programs Manage security issues and incidents, and participate in problem and change management forums Ensure that security programs comply with relevant laws, regulations and policies Define and facilitate the information security risk assessment process, including the reporting and oversight of treatment efforts Work directly with the business units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program. Skills and Qualifications: A minimum of six years of IT experience, with five years in an information security role and at least one year in a supervisory capacity A bachelor's degree in information systems or equivalent work experience Experience with common information security management frameworks, such as ISO 2700x, ITIL, COBIT, NIST frameworks Experience developing and maintaining policies, procedures, standards and guidelines A strong understanding of the business impact of security tools, technologies and policies. Experience in system technology security testing (vulnerability scanning and penetration testing) Familiarity with the principles of cryptography and cryptanalysis An understanding of operating system internals and network protocols A strong understanding of the business impact of security tools, technologies and policies Experience working with legal, audit and compliance staff Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and work with minimal supervision. Excellent communication skills and technical English (Intermediate+) Certification such as CISM, CISSP, CISA, CEH would be a plus Also, we offer: official employment under a labor contract or as a FOP work schedule Mon-Fri 9.00-18.00 flexible start of the working day until 10.00 remote work 24 days of vacation.