Job Details
Experience Needed:
Career Level:
Education Level:
Salary:
Job Categories:
Skills And Tools:
Job Description
- Correlate and tune network, system, and application devices for security events.
- Evaluate, plan, document, and implement new security tools within our environments.
- Perform routine audits to ensure compliance with security policies and other industry standards.
- Perform vulnerability assessments, security control checks, and reporting.
- Research and evaluate the latest security products to combat the latest threats.
- Prepares and maintains detailed documentation on all physical and logical security configurations.
- Performs analysis of the organisation's network and systems security, monitoring, and alerting needs and contributes to design of network and system architecture.
- Research latest security exploits, vulnerabilities, and attack vectors, determines the risk they post to the business, and suggests methods to protect against them
- Ensures security infrastructure processes, concepts, and maintenance are incorporated into systems, software, and hardware platforms in accordance with approved internal standards.
- Participate in technical and forensic investigation into how the incident/breach occurred and the extent of the damage.
- Initiates and leads the Computer Security Incident Response process according to organisational incident handling policies.
- Perform source code review and penetration testing of both new and existing applications.
- Monitor security governance and compliance to internal/external regulations.
Job Requirements
- Bachelor Degree in Computer Science, Information Technology, Telecommunications.
- 3 : 5 years of previous related work experience.
- Experience with various forms of virtualisation technology
- Must have hands on working knowledge of UNIX/Linux, Microsoft, firewall multi-layer design and implementation, router access list/packet filtering (Cisco), WANs, LANs, the Internet, Intranets, network protocols and network services, intrusion detection systems, Virtual Private Network (VPN), Enterprise Security management tools, security assessment software.
- Must possess a basic understanding of ISO 27002 and IT audit frameworks including PCI-DSS 2.0, COBIT and COSO, OWASP.
- Evaluation & assessment of compliance to a regulation, law or policy using industry standard methodologies (ISO27001, COBIT, NIST, ) in an enterprise environment.
- Have +2 years of direct experience with modern DLP solutions.
- Maintain a professional certification as a Certified Information Systems Security Professional (CISSP).
