Dear Candidate,

Welcome to the careers site of Air Astana! We are pleased that you have chosen us as a potential employer. The recruitment process within our company is always free and conducted directly, without the involvement of third parties.


Please remain vigilant and cautious. We never request payment for employment and do not ask for personal or banking details from external parties. If you receive such requests, it may be a scam.


If you have any questions, please contact us at our official email address: recruitment.support@airastana.com.


Kind regards,

The Air Astana Team

Senior IT security Administrator

Back

Senior IT security Administrator

Information Technology
Closing date: 03-Mar-2025

Description

RESPONSIBILITIES:

  • Risk Analysis and Mitigation: Conduct risk assessments, evaluate threats, and implement measures to reduce security risks.
  • ISO/IEC 27001 Compliance: Implement, maintain, and support ISO/IEC 27001 certification and compliance.
  • Security Audits and Infrastructure Protection:
  • Manage change control, asset management, and licensing procedures.
  • Conduct internal audits to identify weaknesses and vulnerabilities in IT systems and infrastructure.
  • Implement security enhancements and address vulnerabilities.
  • Security Solutions Deployment and Management:
  • Deploy, monitor, and maintain security solutions such as firewalls, web proxies, IDS/IPS, VPN servers, NAC, SIEM, SFTP servers, and more.
  • Evaluate and implement new cybersecurity solutions while updating existing ones.
  • Consulting and Support: Advise IT personnel and other employees on information security-related issues.

REQUIREMENTS:

  • Deep understanding of network protocols and architecture.
  • Hands-on experience in implementing and maintaining security solutions such as NGFW, EDR, PAM, NAC, and SIEM.
  • Strong expertise in administering server operating systems (Linux/Windows) and working with Nginx/HAProxy.
  • Knowledge and understanding of international IT security standards, particularly ISO/IEC 27001, NIST, PCI DSS.
  • Experience in developing cybersecurity documentation.
  • Professional certifications are a plus (e.g., CCSA/CCSE, CCNA/CCNP Security, CompTIA Security+ or others). Additionally, experience in identifying and exploiting vulnerabilities in web and network applications is highly desirable.

LOCATION
Almaty , Kazakhstan

Full day

APPLY