Responsibilities
- Guide IT teams in Identity and Access Management (IAM), including user provisioning, password vaulting, access reviews, and encryption key management.
- Conduct advanced cyber-threat analysis, risk assessments, and forensic examinations.
- Collaborate with Cybersecurity and IT teams to maintain security infrastructure, including intrusion detection, data loss prevention, firewalls, and VPNs.
- Update SOPs and publish performance metrics regularly.
- Evaluate security intelligence feeds and recommend improvements for security controls.
- Design and implement technical and procedural security controls, providing compliance guidance for IT projects.
- Facilitate secure integration of Cloud and third-party applications, advising on patch notifications and deployment requirements.
- Perform vulnerability assessments (e.g., network scans, application security testing) and conduct periodic penetration testing.
- Guide employees on security policies and promote cybersecurity awareness campaigns.
- Publish Governance, Risk, and Compliance (GRC) metrics and assess the effectiveness of security controls.
- Coordinate audits and assess internal and third-party cybersecurity risks, preparing responses to compliance inquiries.
- Execute additional duties and special projects as assigned.
Qualifications
- Bachelor’s degree in Computer Science or related field.
- Security certifications : CISSP, CISA, CISM, CCSP, GCIH, GCIA, GSEC, CEH.
- 7+ years of experience in Access Management, Security Operations, Network Security, Vulnerability Management, Compliance, or Audit.
- Understanding of common hacking techniques (e.g., malware, phishing) and countermeasures.
- Knowledge of security best practices and standards (e.g., NIST, ISO, CIS, COBIT, OWASP).
- Skilled in Security Incident Response and malware analysis.
6 hours ago