Information Security Analyst

Pollard Digital Solutions - Europe is a full-solution supplier of lottery management and iLottery technology for world-wide lottery markets. The company is owned by Pollard Banknote Ltd. – a leading partner to more than 60 lotteries worldwide, providing high quality instant ticket products, licensed games, retail merchandising solutions, and a full suite of digital offerings. Established in 1907 in Winnipeg, Canada, Pollard Banknote is owned approximately 66.7% by the Pollard family and is publicly traded on the Toronto Stock Exchange (PBL).

Our objective is to deliver the most innovative solutions that will render industry-leading returns to good causes in an ethically responsible way. We emphasize a friendly, lively, and respectful workplace atmosphere, where team spirit is highly valued.

We are looking for an Information Security Analyst to join our office in Belgrade! Here is an overview of this role:

You will be responsible for identifying security issues and analyzing threats. During projects and ongoing support, the Information Security Analyst will provide various IT teams and other departments with Information Security expertise. The Information Security Analyst will analyze and identify crucial areas as related to logical security and assist in developing solutions using improved technologies and procedures. Pollard Banknote Limited receives many audits by both its customers and as required by 3rd parties. As such the Information Security Analyst will be required to participate in various capacities of the audit process.

You can expect from us:

• A truly great working environment
• Modern office with parking provided for our employees
• Private health insurance
• Insurance for medical treatments outside of Serbia
• Learning and Development budget
• Yearly profit sharing
• Budget for sports activities
• Social activities
• Referral bonus
• Additional benefits

Your responsibilities will be:

• Enforce corporate IT security policies, standards, and guidelines to support corporate IT security governance.
• Perform threat analysis and vulnerability assessments.
• Investigate and track remediation of application C infrastructure vulnerabilities.
• Develop and maintain Security Incident and Event Management (SIEM) tools to Monitor, alert and report on security events.
• Work closely with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls.
• Participate in compliance and audit processes. Both internally and externally (Customer or 3rd party).
• Provide Information Security expertise to projects to assess security requirements and controls and ensure that security controls are implemented as planned.
• Provide management with risk assessments and security briefings to advise them of critical issues that may affect customer, or organizational security objectives.
• Communicate with multiple departments and levels of management in order to resolve technical and procedural information security risks.
• Essential Job Duties and Responsibilities: Security Incident and Event Management (35%), Threat and Vulnerability Analysis (25%), Access/Audit Log Reviews (15%), Provide Security Expertise to Other IT Teams (10%), IT Security Risk Assessment (10%), Other Duties as Assigned (5%).

 You will be a match if you have:

• Degree in Computer Science or Computer Engineering or equivalent education. (Or industry recognized training. Eg. SANS training)
• 3 years of Information Security or Systems Security experience. (Example: Information Security Analyst, SOC analyst, Systems Security Administrator, etc.)
• Incident management and incident response experience
• Working experience with Security tools such as SIEM, Firewalls, IDS/IPS, Anti-Virus
• Strong understanding of Information Security standards, frameworks, and best practices (e.g., ISO 27001, OWASP, ITIL, CoBIT, SANS Top 20) required
• Experience conducting vulnerability and security assessments
• Ability to assess application and hardware vulnerabilities
• In depth knowledge of security standards and best practices
• High technical aptitude; technical knowledge regarding hardware devices, operating systems and network devices
• Understanding of software development processes
• Knowledge security risk assessment methodologies
• Understanding of server administration
• Industry recognized certification is preferred (CISSP, CISA, CISM, CRISC, GIAC, etc.)
• Ability to work in a team environment and interact effectively with clear concise communication
• Critical Thinking (Must be able to plan ahead for potential issues/emergencies)
• Ability to be analytical when gathering information and determining risks

What does the interview process at Pollard usually look like, and what are the steps involved?

• Initial interview
• Technical interview
• Meet the team interview

If this opportunity aligns with your experience and with your goals, we invite you to apply today. We look forward to reviewing your application and welcoming you to our team!