Identifying and analyzing main risks that may arise in Information Systems, Software, banking systems, and information infrastructure;
Evaluating IT operations and Environment and analyzing their impact on Business;
Register IT risks based on Risk assessments;
Analyzing existing security systems and making recommendations on changes or improvements;
Preparing proposals to minimize risks based on the results obtained from IT audit reports, participating in the preparation of an Action Plan, and predicting future risks;
Preparing proposals for the study of international standards on IT security, discussion of innovations, and preparation of the bank's security policy based on international norms;
Monitoring the implementation of security policies, standards, rules, and procedures;
Preparing reports on the status of Information Security, documenting, and determining the risks and threats.
Basic knowledge of Windows, Linux operating systems;
Understanding the structure and operating principles of TCP/IP and UDP, Routing, FireWall, VPN, WiFi, VoIP (Voice over IP) protocols and networks;
Having a basic understanding of the OSI / DOD (TCP) model;
Understanding the basic principles of computer and network security, security of web applications and their technologies, the basics of cryptographic encryption;
Understanding the principles of operation of security methods/intrusion detection systems (corporate antiviruses, WAF, IDS / IPS, UTM, NGFW, etc.);
Understanding the principles of application development;
It is desirable to have at least one of the listed certificates: CISCO CyberOPS, CompTIA Security +, CompTIA CSA, ISACA CRISC, ITIL Foundation, ISACA COBIT 5;
Knowledge of Azerbaijan, Russian, and English (writing) languages at a good level.