صاحب العمل نشط
حالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيحالة تأهب وظيفة
سيتم تحديثك بأحدث تنبيهات الوظائف عبر البريد الإلكترونيلم يكشف
لم يتم الكشف عن الراتب
Description
Key Responsibilities
Provides architectural & engineering leadership to cloud infrastructure cybersecurity programs
Works closely with subject matter experts to develop and deliver a complete and integrated cloud infrastructure cybersecurity architecture across Iaas, PaaS, containers, and serverless
Continuously and proactively assesses corporate cloud resources for cybersecurity weaknesses, and prioritizes plans to strengthen
Develop and maintain information security standards, procedures & guidelines and review/approve exceptions. Refine, configure and implement application roles, review and monitor access controls and process routine & emergency system access requests.
Monitor events, collate and analyze data to assess the environment for information security risk, policy violations, & unusual activity and perform root cause analysis.
Architect and implement new or updates to security solutions. Provide technical advice to clients and teams on design, installation and maintenance of information security.
Evaluate Cloud services to ensure information and personal information security. Work with project teams to design, implement and support information security best practices.
Lead internal and external assessments and audits. Remediate identified issues and implement compensating controls. Assist with information security administration processes and practices violation investigations.
Monitors and directs contingent workers in the delivery of project and support services. Evaluates contingent worker KPI's and provides timely updates to management. Responsible for approving contingent worker timesheets. Adheres to compliance processes and procedures
Functional Knowledge
Demonstrates depth and/or breadth of expertise in own specialized discipline or field
Business expertise
Interprets internal/external business challenges and recommends best practices to improve products, processes or services
Has a good understanding of industry standard frameworks (NIST, CIS etc.)
Leadership
May lead functional teams or projects with moderate resource requirements, risk, and/or complexity
Problem Solving
Leads others to solve complex problems; uses sophisticated analytical thought to exercise judgment and identify innovative solutions
Impact
Impacts the achievement of customer, operational, project or service objectives; work is guided by functional policies
interpersonal Skills
Communicates difficult concepts and negotiates with others to adopt a different point of view
When required, act as a good mentor and train junior engineers appropriately
Information Security threat landscape continues to remain increasingly complex and require constant vigilance to secure a large, global enterprise. This position will collaborate with various stakeholders within IT, Legal, HR, and business units to assess and provide information security assessment & gaps to be addressed and driven for closure. This position will work on assessing the security controls of new & existing applications & processes. This position will work closely with business managers, and IT to communicate the importance and need for enhanced security controls.
CORE RESPONSBILITES:
Develop, implement, and maintain security assessment processes & tools to review the security controls in cloud-based applications
Conduct security assessment on internal applications/infrastructure and deliver reports detailing assessment observations and associated recommendations for information security program development to help the client meet security and compliance standards.
Align standards, frameworks and security with overall business and technology strategy
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
Develop, implement, and maintain security assessment processes & tools to review the security controls in on premise and cloud-based applications
Evaluate and asses impact of cloud applications on the overall Enterprise Architecture as it relates to information security
Conduct security assessment on internal applications/infrastructure and deliver reports detailing assessment observations and associated recommendations for information security program development to help the client meet security and compliance standards.
Perform technical research into advanced, targeted attacks, crimeware campaigns, malware and other emerging technologies and techniques to identify and report on cyber-attacks and attackers
Perform proactive research to identify, categorize and produce reports on new and existing threats
Display strong technical aptitude with: IT Security, Enterprise Firewalls, Intrusion Detection and Prevention, EDR, Email Security, Server and application monitoring, Windows and Linux based Web Services.
QUALIFICATIONS:
BA/BS in Information Technology or related field from an accredited university
Minimum of 6-9 years of experience in a combination of information security, risk management, security review, and incident response
Knowledge of common information security management frameworks, such as ISO/IEC 27001,ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
Experience in using standard Security Assessment and Penetration Testing tools.
Knowledge on application security, EDR, email security, Identity management, networks, firewalls and multiple operating systems
High degree of competence with Microsoft Office Productivity Applications
Ability to assess, validate and incorporate new tools, practices, and process to gain efficiencies in the areas of cyber security & intellectual property protection
Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies
Demonstrated experience in supporting information security in global company
Ability to work alone as an individual contributor, as a technical lead and as a key participant in collaboration across global teams
The individual must be an independent, con dent, persistent and results-oriented individual - not an order-taker but rather one who contributes ideas and opinions to ensure sound solutions are implemented.
Able to deal with in uencing skills, ambiguity and work independently with minimal supervision/guidance.
Excellent English communication and solid oral, written communications, problem solving, commitment to task, ability to lead and in uence change.
Preferred Certifications:
Certified Cloud Security Professional (CCSP)
AWS or Microsoft Azure Cloud Security Certifications
GIAC Security Essentials (GSEC)
Certified Information Systems Security Professional (CISSP),
دوام كامل