Situation in the Organization:
Working under the direction of the Country Cybersecurity Authority and part of the Engineering Team
Main Tasks & Responsibilities:
- Installation and configuration of security system hardware, that includes firewalls and intrusion detection systems, SIEM, 2FA
- Elaborate and deploy hardening procedures
- Work with internal and external teams to successfully implement proposed security solutions such as host-based endpoint protection and data loss prevention
- Perform basic security audit or review of a system to highlight gaps in security compliance
- Assist the Country Cybersecurity Authority in managing security incidents, vulnerability assessment and penetration testing end to end activities
- Support projects’ delivery teams in daily operations for security such as firewall administration, OS patching, and account reviews
- Provide security consultancy to internal teams on their project/business opportunity security needs
- Understands the security requirements and provide support to Cybersecurity work packages in bids and projects
- Occasionally acts as the technical interface on security issues with customers responding to queries and providing technical solutions
Requirements:
The candidate should possess the following:
- Degree in Information Technology / Computer Science or equivalent
- Working experience in at least 2 of the following domains:Application security
Network security
System security
Data security
Cloud security
- However, juniors are welcome to apply for this role
- Experience in securing large and critical OT systems is an added advantage
- Ability to work alone and in a team
- Good communicator and at building relationships (with customers, partners and internal teams)
- Used to working in international teams (fluent English, intercultural skills)
Technical skills:
- Technical hands-on expertise in firewalls, IDS/IPS, AV, IAM, or PIM preferred
- Strong knowledge of TCP/IP and network protocols and virtualization will be advantageous
- Able to write simple Powershell/Bash shell scripts or Python/Perl scripts for system administration tasks
- Experience in vulnerability assessment and penetration testing will be advantageous
- Good knowledge/experience in major Security Standards and Guidelines such as below
- ISO 27001
- IEC 62443
- NIST
- Common Criteria
- CIS
Professional Qualifications:
An internationally recognised professional security certifications such as
- Certified Information Security Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- OSSTMM Professional Security Tester (OPST)
- SANS’ Global Information Assurance Certification (GIAC)
- GIAC Penetration Tester (GPEN)
- ISA / IEC 62443 Certification
Documented evidence to support the claims (e.g. CISA certification number) will be required