- Develop and implement information security strategies, policies, standards, and procedures to safeguard the organization's data and systems.
- Design, deploy, and manage security controls and technologies, such as firewalls, intrusion detection/prevention systems, data loss prevention (DLP) solutions, encryption mechanisms, and vulnerability scanning tools.
- Collaborate with cross-functional teams to ensure secure design and architecture of networks, systems, and applications.
- Monitor and respond to security incidents, conduct investigations, and perform root cause analysis to identify vulnerabilities and security breaches.
- Develop incident response plans and coordinate response efforts during security incidents, ensuring timely resolution and minimizing impact.
- Conduct periodic security assessments, vulnerability assessments, and penetration testing to identify and mitigate security risks.
- Stay updated with the latest security threats, vulnerabilities, and industry best practices to proactively address emerging risks.
- Identify and assess information security risks, conduct risk analysis, and develop risk mitigation strategies.
- Work closely with stakeholders to ensure compliance with regulatory requirements, industry standards, and organizational security policies.
- Participate in the development and implementation of business continuity and disaster recovery plans, ensuring the integrity and availability of critical systems and data.
- Conduct security awareness programs and training sessions to educate employees about information security policies, best practices, and their roles and responsibilities.
- Provide guidance and support to internal teams regarding secure coding practices, system configurations, and access control mechanisms.
- Assist in developing and maintaining security governance frameworks, ensuring proper alignment with business objectives and regulatory requirements.
- Collaborate with internal audit teams to support security audits and assessments and ensure adherence to security controls and compliance requirements.
- Prepare and present security reports and metrics to senior management, highlighting key security risks, incidents, and mitigation measures, and collaborate with cross-functional teams, including IT, operations, and legal departments, to ensure a coordinated and integrated approach to information security.
Bachelor’s degree in communication engineering2-3 years of experience in InfosecProfessional experience with various security infrastructure tools such as intrusion prevention/detection systems, WAF, first and Next Generation Anti-virus/endpoint detection and response.Knowledge of technical infrastructure, networks, databases, and cloud systems in relation to Security and Risk management.Experience with IPS/IDS, SIEM/FIM technologies, next generation Antivirus, Endpoint solutions along with awareness programs and other information security tools.Good command written and spoken English Language