Job Details

Yandex Cloud is looking for an Information Security Manager with over 3 years of experience. The role involves managing information security processes, designing protection systems, and ensuring regulatory compliance. Hybrid/office work in Moscow.

Responsibilities: - Manage information security (IS) processes - Design protection systems - Ensure compliance with regulatory requirements and internal regulations

We expect you to have: - Good technical expertise in infrastructure: virtualization, containerization, key IaaS platform services - Good understanding of cloud platform architecture - Experience designing protection mechanisms for complex, non-standard environments - Familiarity with state and industry IS regulatory requirements - Knowledge of IS and data protection regulatory requirements - Experience working with mandatory IS regulatory requirements - Ability to build processes from technical, organizational, and legal perspectives - Ability to communicate with developers, lawyers, auditors, and business stakeholders - Understanding of risks, controls, and audits and their interrelations Will be a plus if you: - Have developed in one or more languages: C++, Java, Python, Go - Know and can apply application security mechanisms in Linux systems and containerization tools - Have conducted source code security audits, understand threat modeling principles and common insecure programming patterns - Have a good understanding of API security - Have experience in application penetration testing - Have participated in internal and external audits

What we offer: - Deep immersion in the subject area, complex and strategically important tasks - Flexible schedule - Extended voluntary medical insurance program, bonuses, loyalty programs - Meal compensation - Gym and yoga in the office