About us

What is it like to work in UC colors? One thing is for sure, all 350+ of our colleagues would say the same: unique and unrepeatable. Professional and language training, soft skill training, team-building abroad and at home, IT Fest, Balaton Circle on two wheels or two feet, kUCkó aka UC wellness centre, themed craft afternoons, charity painting. Be a part of this experience of a lifetime!

The client / the project

Our Company is seeking a highly experienced and strategic IT Security Professional to lead and enhance our security efforts. This role requires a seasoned individual with a proven track record in building and managing world-class security programs.

Role Overview:

The IT Security Professional will be a key leader within the organization, responsible for developing and implementing our overall IT security strategy. This includes risk management, security architecture, incident response, compliance, and security awareness. The ideal candidate will have a deep understanding of the evolving threat landscape and possess the skills to effectively protect our organization's assets.

Responsibilities

• Incident Management: Monitor security mailboxes, manage incidents, and coordinate with the SOC.
• SecOps Administration: Administer security tools (e.g., , Qualys, CybeReady), manage access, and perform administrative tasks (budgeting, reporting).
• Patch and Vulnerability Management: Maintain vulnerability scann coverage, licence set, and remediation efforts.
• Security Advisory: Contribute to policy creation, maintain documentation, and conduct security assessments.
• Security Awareness: Develop and deliver training programs and phishing campaigns.
• Audit Support: Assist with compliance audits and other security audits.
• Risk Management: Perform risk assessments, create and monitor security findings, and administer related tasks.
• Cyber Security Projects: Deliver ad-hoc mini-projects, such as reviewing application password settings, gathering information for DLP policies, and testing solutions in a sandbox environment.
• Penetration Testing: Coordinate penetration test engagements, managing special access, schedules, re-tests, and tracking findings.
• Patch and Vulnerability Management.
• Vulnerability Remediation: Define and implement actions to remediate vulnerabilities identified by Qualys scan results.
• Security Baselines: Define, monitor, and enforce proper security baselines (hardening policies).
• Development Vulnerability Management: Manage vulnerability scanning and remediation within the development lifecycle.
• Product Security: Manage and oversee product security initiatives.
• Security Architecture: Provide security architecture guidance and support.
• NIS2 Compliance: Deliver NIS2-driven policies, requirements, controls, and tool implementation.
• NIS2 Tasks: Drive NIS2-related tasks in close cooperation with developer team leads and product managers.

Technologies / Skills

• 10+ years of experience in Information Security.
• Proven track record in similar roles (IT Security Expert, CISO, ISO, CSO)
• Certificates such as CISM, CEH, CISSP, CGEIT, CRISC, OSCP, ISO 27001, PCI, or similar are advantages
• Strong leadership, communication, and interpersonal skills.
• Deep understanding of security principles, practices and technologies.
• Experience with risk management frameworks and methodologies.
• Excellent analytical and problem-solving skills.

Why join us

• Work in a small team with enthusiastic, motivated, experienced colleagues and cutting edge technologies.
• Participate in relevant training and certification to acquire and maintain the knowledge to be effective.
• Our mission and core values match your own and motivate you.
• Great company environment that is serious about having fun in almost everything we do, including frequent team events and more.
• Informal, entrepreneurial and flexible atmosphere where thinking out-of-the-box is highly encouraged.