Posted Date :2024-03-01
Job Responsibilities:
Develop and implement security policies, procedures, and standards to safeguard the organization's information systems and networks.
Conduct routine security audits, risk assessments, and vulnerability scans to proactively identify and address potential security vulnerabilities.
Monitor and analyze security systems, including firewalls, intrusion detection systems, and antivirus software, to promptly detect and respond to security incidents.
Investigate and resolve security incidents by conducting forensic analysis, gathering evidence, and collaborating with relevant stakeholders.
Work closely with the IT department to design and deploy secure network architectures, implement data encryption, and manage access control mechanisms.
Stay abreast of emerging security threats, industry trends, and best practices to enhance the organization's security posture continually.
Provide security awareness training to employees, educating them on security risks and best practices for technology usage.
Participate in incident response activities, including the development and maintenance of incident response plans, and ensure timely resolution of security incidents.
Conduct regular security assessments of third-party vendors and partners to ensure compliance with the organization's security requirements.
Collaborate with internal teams to perform penetration testing and vulnerability assessments, identifying and mitigating security vulnerabilities.
Required Skills:
Thorough understanding of information security principles, practices, and technologies.
Proficiency in conducting risk assessments and vulnerability scans.
Familiarity with security frameworks and standards such as ISO 27001, NIST, and PCI DSS.
Experience configuring and managing security systems like firewalls, intrusion detection systems, and antivirus software.
Knowledge of network protocols, routing, and switching.
Strong problem-solving and critical-thinking abilities to identify and resolve security incidents.
Excellent communication skills to effectively collaborate with cross-functional teams and communicate security risks to non-technical stakeholders.
Ability to work independently and manage multiple priorities in a fast-paced environment.
Required Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field.
Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Information Security Manager (CISM) are highly desirable.
Proven experience in information security, including risk assessment, incident response, and security operations.
Knowledge of compliance requirements and regulations such as GDPR, HIPAA, or SOX.
Familiarity with security tools and technologies such as SIEM, IDS/IPS, and endpoint protection.
Understanding of encryption and cryptographic protocols.
Proficient in secure coding practices and web application security.
Ability to maintain confidentiality and handle sensitive information with integrity.