Job Details

InfoWatch is looking for an Information Security Consultant with 3-6 years of experience in Moscow. Salary is discussed during the interview. The role involves developing and auditing information security policies and providing legal consultations.

Responsibilities: • Development of local regulatory acts (LRAs) in the field of information security for the client; • Maintaining expert materials and templates of local regulatory acts (LRAs) in the field of information security up-to-date; • Conducting legal audits of client LRAs for compliance with legislation on information, commercial secrets, personal data; • Providing consultations on evidence gathering, using DLP systems as a source of evidence in civil and criminal proceedings; • Providing consultations on investigating information security incidents at the client's site; • Preparing expert materials on legal issues, questionnaires, reports in the field of information security; • Participation in information security consulting projects; • Interaction with clients within the framework of project/pre-project activities; • System analysis of regulatory legal acts in the field of information security; • Consulting company clients on legal issues in the field of information security; • Participation in marketing and other events as an information security expert; • Participation in the development of consulting services and their expansion; • Participation in consulting projects as a project manager upon appointment by the direct supervisor; • Conducting negotiations with potential clients regarding the implementation of consulting services; • Supervising internal projects in the consulting department.

Requirements: • Knowledge of information security solutions, software and hardware security tools; understanding of security technologies; • Knowledge and ability to apply information security audit methods and methodologies; • Knowledge and ability to apply methods for assessing information security risks in accordance with best Russian and international practices; • Knowledge of Russian regulatory documentation in the field of information security; • Knowledge of international regulatory documentation in the field of information security; • Knowledge of legal aspects of information security incident investigation (desirable).