This is a remote position.
Job Description for Information Security Lead:
Roles and Responsibilities
- Monitor computer networks for security issues.
- Investigate security breaches and other cybersecurity incidents.
- Install security measures and operate software to protect systems and information
infrastructure, including firewalls and data encryption programs.
- Document security breaches and assess the damage they cause.
- Implement penetration testing along with ethical hacking.
- Fix detected vulnerabilities to maintain a high-security standard.
- Stay current on IT security trends and news.
- Develop company-wide best practices for IT security.
- Help colleagues install security software and understand information security
management.
- Research security enhancements and make recommendations to management.
- Stay up-to-date on information technology trends and security standards.
- Revise and analyse IT operations and systems, hardware configurations, physical
security and operating procedures across organization.
- Consult and comply with set controls, standards, policies and procedures while
carrying out IT activities.
- Search technology and reduce risks in every information security segment.
- Suggest measures to improve IT related procedures, operations, processes and
systems throughout organization.
- Suggest and execute IT technologies, strategies and policies to guard customer’s
information assets.
- Implement security risk analysis for current and new systems to find system
weaknesses or disclosures.
- Recommend solutions for explaining risks and reducing exposure areas.
- Prepare security program plans and execute IT controls, processes, audit tools,
interfaces and utilities for authentication.
- Perform as chief for audits and security aspects (ISO 27001).
- Support and provide consultancy for audit compliance actions.
- Implement periodic, on-demand project audits plus vulnerability analysis.
- Determine compliance through user accounts, application usage, system file and
outside scans.
- Perform independently in team implementing security and privacy engagements.
- Review client networks and applications.
- Compliance with industry standards such as ISO 27001, NIST-800-53, CIS
Benchmarks, SWIFT SCSF, etc.
·Supporting audits related to security
·Hands on ISO 27001.
·Experience of IAM.
- Experience with computer network penetration testing and techniques.
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely
manner while understanding business impact.
Requirements
Required Skills:
·Fluent ENGLISH, both verbal and spoken
- 5+ years of experience in information security or related field.
·Vulnerability Management full cycle
- Developing, implementing, and monitoring compliance with security baselines
- Security patch management full cycle for OS, databases and applications
·Security incident management full cycle
·Hands on ISO 27001.
·Experience of IAM.
- Experience with computer network penetration testing and techniques.
- Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
- Understanding of patch management with the ability to deploy patches in a timely
manner while understanding business impact.
Originally posted on