Head of Information Security

CETIN Bulgaria delivers high-quality telecommunications infrastructure services in Bulgaria, ensuring reliable connectivity with a commitment to excellence We provide an enjoyable customer journey and great performance by pushing sustainable technological development and anticipating customers’ demands, based on our cutting-edge communications infrastructure, highly skilled team of more than 300 professionals, and our customer-driven strategy.

CETIN Bulgaria is a member of CETIN International – a leading wholesale provider of active and passive telecommunications infrastructure services in Central and Eastern Europe.

We work with highly skilled, highly motivated, world-class experts.

Join CETIN and be part of this team!

ROLE OVERVIEW

CETIN Bulgaria is seeking a highly skilled and visionary Head of Information Security Department to lead a team of experts across multiple security domains. This is a senior leadership role responsible for defining and executing CETIN’s security strategy, ensuring compliance with international standards and EU regulations, and protecting critical infrastructure and information assets against evolving cyber threats.

RESPONSIBILITIES

Leadership & Governance

• Lead and develop the Information Security team (SOC), fostering expertise across specialized domains.
• Maintain and continuously improve the Information Security Management System (ISMS) to comply with ISO 27001, Cybersecurity Law, NIS2, DORA, and ENISA guidelines.
• Drive security governance, risk management, and compliance initiatives across the organization.

Core Security Domains

Security Monitoring & Incident Management

• Oversee real-time monitoring, detection, and response to security incidents.
• Direct forensic investigations and root cause analysis for breaches and suspicious activities.

Security Infrastructure Development & Maintenance

• Ensure robust design, deployment, and maintenance of critical security technologies, such as:
• SIEM (Security Information and Event Management)
• SOAR (Security Orchestration, Automation, and Response)
• PKI (Public Key Infrastructure)
• HSM (Hardware Security Modules)
• IDM (Identity Management)
• PAM (Privileged Access management)
• WAF (Web Application Firewall)

Forensics tools and processes

Security Hardening & Patching

• Define and enforce system hardening standards and patch management processes to minimize vulnerabilities.

Vulnerability Management

• Oversee vulnerability scanning, assessment, and remediation programs to ensure proactive risk mitigation.

Security Architecture & Project Management

• Design secure architectures for new systems and projects, ensuring security requirements are embedded from inception.
• Provide security leadership in project management, aligning technical controls with business objectives.

Risk & Compliance

• Conduct technical risk assessments and security audits to ensure compliance with privacy, legal, and regulatory requirements.
• Translate business and technology requirements into actionable security controls and prepare risk treatment business cases.
• Continuous Improvement & Collaboration
• Champion standardized environments, best practices, and process optimization.
• Collaborate with cross-functional teams (infrastructure, network, application) and international security counterparts.
• Prepare senior management reports, guidelines, and official documentation for security initiatives.

Required Qualifications & Skills

• Proven leadership experience in Information Security, preferably in telecom or large-scale IT environments.
• Strong knowledge of security frameworks, risk management, and secure architecture design.
• Hands-on experience with technologies such as SIEM, SOAR, PKI, HSM, IDM, PAM, WAF etc., and vulnerability management tools.
• Familiarity with ISO 27001, NIS2, DORA, GDPR, and ENISA standards.
• Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer/Auditor) are highly desirable.
• Excellent analytical, organizational, and communication skills.
• Ability to manage complex projects, budgets, and stakeholder relationships.

EDUCATION

Bachelor’s or Master’s degree in one of the following fields:

– Information Security

– Computer Science

– Information Technology

– Cybersecurity

– Telecommunications

– Engineering or related technical discipline

– Advanced degrees (Master’s or MBA with IT Security focus) are a plus.

– Specialized training or certifications in Information Security Management and Cybersecurity frameworks (e.g., ISO 27001, NIST, CISM, CISSP) highly desirable.

– Continuous professional development in emerging security technologies and regulatory compliance is expected.

Why Join CETIN Bulgaria?

• Lead a critical function in a dynamic and innovative organization.
• Work with cutting-edge security technologies in an international environment.
• Competitive compensation and benefits package.
• Positive workplace culture where you would receive all the support you need from your peers and managers in order to achieve your personal and team goals
• Preferential prices for mobile devices and accessories
• Unlimited mobile services and mobile internet
• Flexible working hours
• Monthly food vouchers
• Transportation allowance
• Additional health insurance
• Up to 25 days annual paid leave

Only short-listed candidates will be contacted. All applications will be treated in strict confidentiality and in compliance with applicable law regarding personal data protection