Aytaj Rzayeva
Baku
Summary
Certified and results-driven Information Security and IT Risk Management Specialist with over 5 years of experience across the telecom, finance, and consulting sectors. Proven track record in implementing ISO/IEC 27001-aligned controls, leading security initiatives in transformation projects, and establishing enterprise-wide risk frameworks. Adept in security governance, access management, internal audits, and aligning organizational practices with global cybersecurity standards.
Overview
6
6
years of professional experience
1
1
Certification
Work History
Information Security Governance Expert
Azercell Telecom
Baku, Azerbaijan
03.2023 - Current
- Established and implemented the IT & Information Security Risk Management process from scratch
- Developed and maintained a comprehensive Risk Registry for identifying and assessing risks
- Conducted risk assessment interviews and distributed risk questionnaires across departments
- Acted as Security Stream Lead / Project Manager in a company-wide Digital Transformation Project
Coordinated security testing, identified vulnerabilities, and implemented required controls - Performed regular audits of employee access rights per internal and ISO/IEC 27001 requirements
- Developed and implemented the Company Access Management Procedure, including access classification and control over granting/revoking access rights
- Led initiatives to align the Information Security Management System (ISMS) with ISO/IEC 27001 standards
- Drafted and updated internal policies and procedures related to information security
IT & Cyber Security Risk Management Specialist
ABB
Baku, Azerbaijan
08.2022 - 02.2023
- Presented IT/Cyber risk issues to the IT committee and executive leadership
- Analyzed internal projects, procedures, and documentation from a cybersecurity risk perspective
- Performed third-party IT/Cyber risk assessments
- Collaborated with Agile teams to embed risk awareness in delivery processes
- Assessed risks related to emerging Data technologies and information classification/protection
Information Security Specialist
Pasha Bank OJSC
Baku, Azerbaijan
12.2020 - 08.2022
- Analyzed access rights and implemented countermeasures for core banking systems
- Designed and implemented role matrix aligned with business and compliance needs
- Participated in Data Classification and DLP implementation projects
- Led participation in PCI-DSS compliance audit
- Conducted system audits to identify and resolve vulnerabilities
IT Risk & Assurance Specialist
EY Azerbaijan
Baku, Azerbaijan
07.2019 - 12.2020
- Participated in IT audit and assurance projects for key clients including: Azercell Telecom, Kapital Bank, SOCAR, Pasha Bank, IBAR, Azer Turk Bank, and others
- Reviewed internal controls, information security governance, and IT processes across sectors
Education
MBA -
ADA Universtiy
Baku, Azerbaijan05-2022
Bachelor of Science - Information Technology
ADA University
Baku, Azerbaijan05-2019
Skills
- IT and cyber risk management
- Information security governance
- Access control and identity management
- IT auditing and compliance
- Risk assessment and treatment
- Security awareness and policies
- Project management
- Vulnerability and DLP management
- Effective communication and leadership
Certification
- ISO/IEC 27001 lead auditor – BSI (Jan 2024)
- ISO/IEC 27701 Foundation – ISO (Jan–Feb 2024)
- Cybersecurity: Managing risk in the information age – Harvard VPAL (Feb–May 2024)
- Endpoint DLP – Digital Guardian (Feb 2022)
Languages
Azerbaijani
First Language
English
Proficient (C2)
C2
Russian
Proficient (C2)
C2
Timeline
Information Security Governance Expert
Azercell Telecom
03.2023 - Current
IT & Cyber Security Risk Management Specialist
ABB
08.2022 - 02.2023
Information Security Specialist
Pasha Bank OJSC
12.2020 - 08.2022
IT Risk & Assurance Specialist
EY Azerbaijan
07.2019 - 12.2020
MBA -
ADA Universtiy
Bachelor of Science - Information Technology
ADA University
Similar Profiles
Shargiyya HashumovaShargiyya Hashumova
IT Project Coordinator at Azercell TelecomIT Project Coordinator at Azercell Telecom
Javidan AbdullayevJavidan Abdullayev
Business Intelligence Developer at Azercell TelecomBusiness Intelligence Developer at Azercell Telecom
Jalya AshgarovaJalya Ashgarova
Call Center agent at Ganja, Azerbaijan, Azercell Telecom LLCCall Center agent at Ganja, Azerbaijan, Azercell Telecom LLC
Elvin AliyevElvin Aliyev
ICSS (Integrated Control/Safety System) Specialist at Socar PolymerICSS (Integrated Control/Safety System) Specialist at Socar Polymer
Vusala GurbanovaVusala Gurbanova
QA Engineer at PASHA Insurance OJSCQA Engineer at PASHA Insurance OJSC