• Support the establishment, implementation, and continuous improvement of the Information Security Management System (ISMS) and associated control mechanisms in alignment with international standards and industry best practices;
• Ensure Access Management processes are aligned with organizational policies and procedures by enforcing proper authorization, access controls, and conducting regular access reviews within enterprise Identity and Access Management (IAM) solutions (such as, SSO, Active Directory, Entra ID, etc.);
• Collaborate closely with project teams to ensure information security requirements are embedded throughout project lifecycles;
• Identify and define information security requirements for projects across diverse company domains, including IT, Data, Finance, SCM, Legal, etc. Provide tailored solutions to ensure compliance and risk mitigation;
• Handle and optimize Service Desk (SD) requests related to information security, driving improvements in request workflows and response times. Provide solutions and guidance based on a risk-based approach in accordance with Information Security policies and standards;
• Oversee information security requirements for third-party relationships, including partners and vendors; define, communicate, and verify their security obligations to mitigate risks;
• Support the security and technology Risk Management by proactively identifying and gathering observed risks to support timely mitigation and informed decision-making;
• Provide user support related to Information Security matters, addressing concerns promptly and effectively, while promoting awareness and best practices;
• Contribute to other departmental initiatives and tasks as required, demonstrating flexibility and commitment to organizational goals;
• Supporting the implementation of other tasks within the department's activities.

• Bachelor’s degree in Information Security, Computer Science, IT, Information Systems, Cybernetics or a related field;
• Minimum of 5 years’ relevant work experience in Information Security, IT, or operational roles;
• Familiarity with information security standards and frameworks such as ISO/IEC 27001, ISO/IEC 27701, PCI-DSS, GDPR, NIST, COBIT, ITIL and related normative documents;
• Experience with Access Management processes;
• Proficient with Identity and Access Management (IAM) systems such as Active Directory, Microsoft Entra ID, Intune, etc;
• Experience with Windows, Linux, and Unix server technologies and operating systems;
• Strong knowledge of network technologies including firewalls, switches, routers, VPNs, proxy services, and related infrastructure;
• Knowledge of database management and data tools, including proficiency in querying and analyzing data using platforms such as SQL Server, Oracle, PostgreSQL, and MySQL;
• Analytical, decision-making, and problem-solving abilities;
• Strong communication skills in Azerbaijani and English; good Russian is a plus. Ability to work in a team and manage multiple priorities.

Desired Skills:

• Advanced certifications such as ISO 27001, CISA, CISM, CISSP, CompTIA Security+, CCNP, among others;
• Hands-on experience with encryption solutions and secure communication protocols;
• Experience with cloud security platforms (e.g., Azure Security, AWS Security, Google Cloud Security);
• Knowledge of scripting and automation tools (Python, Bash, PowerShell) for system and security tasks;
• Familiarity with data visualization and reporting tools such as SAP BO, Power BI, Tableau, Oracle BI, or Looker is a plus;
• Familiarity with vulnerability management and penetration testing methodologies;
• Project management skills and experience leading cross-functional security initiatives;
• Excellent interpersonal skills with the ability to train and mentor junior staff;
• Proactive attitude towards continuous learning and staying updated on emerging security threats and technologies.