Responsibilities :
- Analyze and prioritize vulnerabilities based on severity, potential impact and business risk, and collaborate with relevant teams to implement effective mitigation strategies.
- Provide strategic guidance, insights, and direction on technological, cybersecurity, and policy-related topics.
- Lead and participate in the development, implementation, and continuous improvement of incident response procedures, and processes.
- Collaborate with other teams at multiple geographic locations to investigate and document security incidents, root causes, and recommend remediation actions.
- Planning and appraising ongoing assessment of antivirus, application control, firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention and other network component policies.
- Managing and configuring security systems such as firewalls, intrusion detection and prevention systems, anti-virus software, and other security-related software and hardware.
- Monitoring systems, servers, and networks to detect and respond to potential security threats or suspicious activities.
- Developing and implementing security policies and procedures that ensure the organization’s data and systems are protected against cyber threats.
- Conduct regular vulnerability assessments and penetration testing to identify potential security weaknesses and risks to make improvements in the organization’s security.
- Report all security incidents to the home office and work with corporate IT on response and resolution strategy.
- Contribute to the development and execution of security awareness training programs for employees to enhance security awareness and best practices.
- Stay up to date with the latest cybersecurity threats, attack techniques and incident response strategies.
Requirements :
- Bachelor’s Degree in Computer Science/Information Technology or equivalent.
- 5+ years of experience in a cyber or information security management role.
- Strong knowledge of the latest cybersecurity threats, trends, modern cybersecurity concepts, and technologies (zero trust, CIS Controls, OWASP, MITRE ATT&CK, XDR, CloudSec, AppSec, NIST, ITIL, Azure Well Architected Framework, etc).
- Experience in domains of Cyber Security Operations, Incident Response, Forensic Investigation, Threat Intelligence, or Vulnerability Management preferred.
- Ability to manage and configure security systems, monitor network traffic and system logs, conduct regular security assessments and respond to security incidents.
- Demonstrated understanding of business processes, IT risk management, and related standards.
- Proficiency in utilizing industry-standard tools for vulnerability scanning, assessment, and penetration testing.
- Excellent problem-solving skills and the ability to think critically under pressure.
- Effective communication and interpersonal skills, with the ability to collaborate across teams and convey technical concepts to non-technical stakeholders.
- Proven track record of staying current with evolving cybersecurity threats and best practices.
- Exceptional planning and organizational skills, and excellent written and oral communication.
- Self-starter with initiative and the ability to effectively prioritize and execute tasks with direction from corporate headquarters.
- Professional information security certification preferred, such as:
- CompTIA Security+
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)