Skills And Tools:
- Develop and carry out information security plans and policies.
- Develop strategies to respond to and recover from a security breach.
- Develop or implement open source/third-party tools to assist in detection, prevention, and analysis of security threats.
- Awareness training of the workforce on information security standards, policies, and best practices
- Implement protections.
- Installation and use of firewalls, data encryption and other security products and procedures.
- Conduct periodic network scans to find any vulnerability.
- Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses.
- Monitor networks and systems for security breaches, using software that detects intrusions and anomalous system behavior.
- Investigate security breaches.
- Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened.
- Bachelor’s degree in communication/computer engineering
- 3-5 years of experience in a same role.
- Experience with information security risk management tools and methodologies.
- Experience with data privacy/security international regulations.
- Experience with ISO 27000 series of standards.
- Knowledge of NIST/CIS standards and guidelines.
- Experience with the endpoint security solutions, IDS, NGFW, WAF, and SIEM solutions.
- Experience in system administration (Windows/Linux)
- Experience designing secure networks and systems.
- Experience with vulnerability assessment solutions.
- Knowledge of Web/Mobile application pen-testing.
- Knowledge of OWASP Top Ten.
- CEH, ECSA, GIAC certifications or any security vendor certifications would be preferred.