Responsible for identifying vulnerabilities and working with our IT department to resolve them, ensuring that our network and data remain secure. Design and enforce policies and procedures that protect our organization's computing infrastructure from all forms of security threats.
IT Services Department, within a financial/Insurance group.
- Real-time monitoring of network usage and analysis of security events from multiple sources to to ensure compliance with security policies;
- Identifies vulnerabilities, investigates and reports security incidents;
- Supports the delivery of threat management, technological controls and incident response, implementing the appropriate procedure in order to neutralize the risks;
- Performs the collection and management of information security operations metrics and measures;
- Produces high quality outcomes and timely service delivery;
- Suggests measures for minimizing the risks of cyber security incidents;
- Participates in maintaining up to date related security documentation and developing policies/ procedures/ standards of information security;
- Able to train and educate our staff in various information security topics;
- Analyzes, tests and deploys security solutions from vendors;
- Offers consultancy, on security matters, for other projects developed within the company;
- Performs administration, testing, and remediation (including the support of RCA) of security controls;
- Collaborates with business teams to effectively predict, protect, and respond to security threats;
- Conducts research and evaluation of new security technologies, processes, and methodologies.
- Bachelor’s degree in computer science, information systems, engineering or the equivalent combination of formal education, training, and experience;
- Senior: 4+ year of work experience directly supporting information security operations;
- Regular: 2+ year of work experience directly supporting information security operations;
- Professional information security certification represents an advantage;
- Solid knowledge of various information security frameworks.
- Technologies considered a plus: SIEM, DLP, PAM
- Standards: ISO 27001 awareness
- Strong analytical abilities, interpersonal skills, and verbal / written communication;
- Ability to educate a non-technical audience about various security measures;
- Experience working on a team to effectively respond to complex requests;
- Willingness to be on-call, work non-standard hours, and travel when required;
- Comfortable working in fast peace environments.