SecurityEngineer (Compliance and InventoryManagement)
Duration : 12Months
Location : Remote
Weare seeking a dedicated and experienced Security Engineer with astrong focus on compliance and inventory management to join ourInformation Security team.
The ideal candidate will have extensiveknowledge and handson experience with Tenable or other inventorymanagement tools and a solid understanding of regulatory compliancerequirements.
This role will be instrumental in ensuring our ITinfrastructure is secure compliant with industry standards andefficientlymanaged.
KeyResponsibilities :
- ComplianceManagement :
- Ensureadherence to regulatory compliance standards such as GDPR HIPAAPCIDSS andSOX.
- Conductregular compliance audits andassessments.
- Developand implement compliance policies andprocedures.
- Collaboratewith internal and external auditors to provide necessarydocumentation andresponses.
- InventoryManagement :
- UtilizeTenable or similar tools to manage and maintain an accurateinventory of all ITassets.
- Ensureall assets are properly documented andtracked.
- Regularlyupdate and review inventory records to ensureaccuracy.
- Identifyand mitigate risks associated with assetmanagement.
- SecurityOperations :
- Monitorand analyze security alerts andincidents.
- Conductvulnerability assessments and penetrationtesting.
- Developand implement security measures to protect ITinfrastructure.
- Participatein the incident response process including investigation andremediation.
- RiskManagement :
- Identifyassess and prioritize securityrisks.
- Developand implement risk mitigationstrategies.
- Conductregular risk assessments and securityreviews.
- CollaborationandCommunication :
- Workclosely with IT legal and business teams to ensure security andcompliance requirements aremet.
- Providetraining and guidance to employees on security best practices andcompliancerequirements.
- Prepareand present security reports tomanagement.
- ContinuousImprovement :
- Stayupdated with the latest security trends technologies and regulatorychanges.
- Recommendand implement improvements to security policies procedures andtechnologies. Qualifications :
- Education :
- Bachelors degree in Computer Science Information Technology Cybersecurityor a related field. A master s degree is aplus.
- Experience :
- Minimumof 35 years of experience in information security with a focus oncompliance and inventorymanagement.
- Provenexperience with Tenable or other inventory management tools. Ceteroand orGraylog
- Strongknowledge of regulatory compliance requirements andstandards.
- Skills :
- Excellentunderstanding of security frameworks such as NIST ISO 27001 and CISControls.
- Proficiencyin vulnerability management and penetration testingtools.
- Certifications :
- Relevantcertifications such as CISSP CISM CISA CEH or similar are highlydesirable
We are seeking a dedicated and experienced Security Engineer with astrong focus on compliance and inventory management to join ourInformation Security team.
The ideal candidate will have extensiveknowledge and hands-on experience with Tenable or other inventorymanagement tools, and a solid understanding of regulatorycompliance requirements.
This role will be instrumental in ensuringour IT infrastructure is secure, compliant with industry standards,and efficiently managed.
Key Responsibilities : ComplianceManagement : Ensure adherence to regulatory compliance standardssuch as GDPR, HIPAA, PCI-DSS, and SOX.
Conduct regular complianceaudits and assessments. Develop and implement compliance policiesand procedures. Collaborate with internal and external auditors toprovide necessary documentation and responses.
InventoryManagement : Utilize Tenable or similar tools to manage and maintainan accurate inventory of all IT assets. Ensure all assets areproperly documented and tracked.
Regularly update and reviewinventory records to ensure accuracy. Identify and mitigate risksassociated with asset management.
Security Operations : Monitor andanalyze security alerts and incidents. Conduct vulnerabilityassessments and penetration testing.
Develop and implement securitymeasures to protect IT infrastructure. Participate in the incidentresponse process, including investigation and remediation.
RiskManagement : Identify, assess, and prioritize security risks.Develop and implement risk mitigation strategies. Conduct regularrisk assessments and security reviews.
Collaboration andCommunication : Work closely with IT, legal, and business teams toensure security and compliance requirements are met.
Providetraining and guidance to employees on security best practices andcompliance requirements. Prepare and present security reports tomanagement.
Continuous Improvement : Stay updated with the latestsecurity trends, technologies, and regulatory changes. Recommendand implement improvements to security policies, procedures, andtechnologies.
Qualifications : Education : Bachelor s degree inComputer Science, Information Technology, Cybersecurity, or arelated field.
A master s degree is a plus. Experience : Minimum of3-5 years of experience in information security, with a focus oncompliance and inventory management.
Proven experience with Tenableor other inventory management tools. Cetero and or Graylog Strongknowledge of regulatory compliance requirements and standards.
Skills : Excellent understanding of security frameworks such asNIST, ISO 27001, and CIS Controls. Proficiency in vulnerabilitymanagement and penetration testing tools.
Certifications : Relevantcertifications such as CISSP, CISM, CISA, CEH, or similar arehighly desirable