Cyber Security

Responsibilities:

Security Infrastructure Management:

1. Deploy, configure, and maintain security infrastructure components, including firewalls, intrusion detection/prevention systems, and endpoint protection solutions.
2. Implement and manage Security Information and Event Management (SIEM) solutions for log analysis and threat detection.

Incident Response and Forensics:

1. Lead incident response activities during security incidents, conducting forensic analysis, threat hunting, and containment efforts.
2. Collaborate with cross-functional teams to develop and implement incident response playbooks.

Vulnerability Management:

1. Conduct regular vulnerability assessments and penetration tests to identify and address security vulnerabilities.
2. Collaborate with system owners and IT teams to remediate identified vulnerabilities.

Security Policies and Procedures:

1. Implement and enforce cybersecurity policies and procedures to ensure compliance with industry standards and regulations.
2. Conduct security awareness training for employees and promote a culture of security throughout the organization.

Network and Application Security:

1. Configure and monitor network security devices, such as firewalls, intrusion detection/prevention systems, and VPNs.
2. Collaborate with application development teams to ensure secure coding practices and conduct security reviews.

Cloud Security:

1. Implement and enforce security best practices for cloud environments, including AWS, Azure, or Google Cloud.
2. Configure and monitor cloud security services to protect data and applications in the cloud.

Security Monitoring and Threat Intelligence:

1. Monitor security events and alerts, analyze data from various sources to identify potential threats.
2. Stay updated on emerging threats and incorporate threat intelligence into daily monitoring and incident analysis.

Security Awareness and Training:

1. Conduct security awareness training for end-users and provide guidance on security best practices.
2. Create and maintain security documentation, including policies, procedures, and incident reports.

Risk Management:

1. Collaborate with risk management teams to assess and mitigate cybersecurity risks.
2. Provide technical expertise in risk assessments and contribute to the development of risk mitigation strategies.

Skills:

Technical Skills:

1. Proficient in deploying and managing security infrastructure components.
2. Hands-on experience with SIEM solutions (e.g., IBM Qradar, LogRhythm, Splunk).
3. Knowledge of network security principles and technologies.

Programming Proficiency:

1. Proficiency in Python, C++, Java, Ruby, Node, Go, and/or PowerShell for scripting and automation.

Incident Response and Forensics:

1. Experience leading incident response activities and conducting forensic analysis.
2. Familiarity with incident response playbooks and procedures.

Vulnerability Management:

1. Competency in conducting vulnerability assessments and penetration tests.
2. Collaboration with IT teams for timely vulnerability remediation.

Security Policies and Compliance:

1. Implementation and enforcement of cybersecurity policies and procedures.
2. Knowledge of industry standards and regulations (e.g., GDPR, ISO 27001).

Network and Application Security:

1. Configuration and monitoring of network security devices.
2. Collaboration with application development teams for secure coding practices.

Cloud Security:

1. Hands-on experience with securing cloud environments (AWS, Azure, or Google Cloud).
2. Knowledge of cloud-native security tools and best practices.

Additional Skills:

1. A degree in computer science, IT, systems engineering, or a related qualification.
2. 2 years of work experience with incident detection, incident response, and forensics.
3. Experience with Firewalls (functionality and maintenance), Office 365 Security, VSX, and Endpoint Security.
4. Ability to work under pressure in a fast-paced environment.
5. Strong attention to detail with an analytical mind and outstanding problem-solving skills.
6. Great awareness of cybersecurity trends and hacking techniques.