Description
Job description:As an analyst/engineer you will report to the Senior Director of IS Security, you will regular monitoring all information security systems for cyber-attacks, intrusion attempts, and security breaches within the company and timely responses to any violation of threat
Lead security threat intelligence gathering on new or potential security threats, actively manage threat events and lead the incident response, escalation and forensics analysis.
Key responsibilities:
- Act as the subject matter expert for all topics related to cyber and application security and maintain expertise in current and emerging technologies
- Monitor and scan for security vulnerabilities, threats and events in network, host systems and applications
- Perform penetration testing to identify vulnerabilities and recommend safeguards as preemptive measures
- Act as a focal point for IT security investigations, direct responses, and recommend course of action
Develop strategies to handle security incidents and coordinate investigative activities;
Develop standard processes and documentation for security incident tracking and management, in all locations
- Work closely with the business groups as a consultant to understand and deliver secure and reliable solutions to business problems
- Identification, selection and implementation of new Information Security an cyber-security capacities
- Review and make recommendation on any exception request to established security standards
- Review SaaS, PaaS, IaaS and outsource provider performance data to identify trends and issues and develop performance improvement plans
- Provide input to the CyberSecurity Delivery Technology Roadmap
Assist in architectures and implementing managed service solutions.
Lead future service delivery strategy development for information security with the latest technologies, intelligence, and potential threats and understand and utilize change management, project management and incident management processes.
The job requirements:
- Bachelor's Degree in Computer Science, Information Systems, or Engineering, or equivalent work experience with an information security focus
- At least 5 years and extensive experience in Information Security Forensics, malware identification, penetration testing, intrusion detection and defense in depth concepts and strategic thinking on security issues
- Deep technical knowledge of current trends in cyber-security, secure application coding methodologies and testing, host and network forensics and cryptology
- Hands-on experience and skill in the details of security threats, incident response and testing
- Possess strong skills to lead cross-functional teams (internal/client/vendor/onshore/offshore) and work collaboratively with all levels of technical and business teams
- Possess solid written an verbal communication skills, and polished presentation skills
Desired:
- Experience in information protection, information security a/o cyber-security
- Experience with intrusion Prevention Systems, Firewalls, Identity Management, and log correlation systems as well as their interrelationship with other IT systems
- Strong knowledge and understanding of cyber-security operations as structured in NIST, ISO, ITIL, COSO and COBIT frameworks
- Experience working with complex ERP software applications and integration projects
- Ability to work independently, driven to hunt for potential threats as well as collaboratively in a cross functional team
- Ability to motivate people, instill accountability and achieve results
- Security certifications including CISSP or Certified ethical hacker would be a plus