- Work closely on security aspects of multiple technologies and methodologies as it relates to operating systems, databases, access controls, patch management, encryption, anti-virus, and vulnerability assessments etc. to assist the Engineering and Compliance team with effective research, data gathering, analysis, metrics, reporting and communications.
- Identify security prospects of multiple solutions that help keep the organization safe from threats.
- Provide direction to infrastructure, operations, data, and network teams throughout the implementation of security aspects in production, and beyond.
- Maintain knowledge of engineering next-gen designs, security trends, threats, and attack techniques.
- Build and maintain effective relationships with management, peers, project managers, and internal customers.
- Translate threat intelligence into actionable security across available tools.
- Design and Review the architecture for Systems, Networks, DB etc.
- Conduct Kaizen/continuous improvement events with Technology teams and follow up/assist with implementation.
- Help teams with readiness for external assessments against industry standards and review programs/documentation for conformance.
- Evaluate and recommend new information security technologies and practices along with improvement in current infrastructure.
- Suggest processes for adherence to information regulatory compliance globally.
- Review Information Security Program including Policies, Standards, Guideline and Procedures.
- Review Audit Logs, Risk Assessments, Vulnerability Assessments and do Gap Analysis.
Make recommendations for improving Information Security Incident Management and participate in Root Cause Analysis.
Education: Computer Sciences
Experience: up to 2 years Knowledge, Skills & Personal Characteristics:
- Preferable CISA certified
- Information Security (Confidentiality, Integrity and Availability, Physical and Logical Security)
- Networks (Firewall, Routers, Switches and Network Diagram)
- Cryptography (Encryption, Decryptions Hashing algorithms, Key Management)
- Incident Management
- Interest in Compliance & Regulations.
- Attention to Details
Specific Tools, Technologies or Equipment Skills:
- Data Analysis
- Audit Command Language/GRC Platform
- CIS-CAT Tool
- MS Excel
- Power Point