Project Description:

BAU/Project/Risk Assessment in the areas of information and cyber security across the business

Responsibilities:

1. Understand and work with the business as well as with the Cyber Security team to identify, define and implement cyber security requirements for the organization
2. Knowledge of cloud architecture to support the infrastructure and software engineering team in the design and implementation of secure architectures
3. Support and further development our SOC
4. Manage vulnerability assessment and work closely with stakeholders to fix detected vulnerabilities to maintain a high security standard
5. Perform in-depth analysis of security related monitoring events and define follow up activities
6. Engage in and coordinate cyber reviews and penetration tests
7. Ensure that the company knows as much as possible, as quickly as possible about security threats and incidents (internal/ external)
8. Perform maintenance, deployment and enhancement of the security infrastructure in line with best practices
9. Knowledge of security governance frameworks for managing cyber risk and reporting
10. Conduct and follow up for phishing campaigns
11. Provide guidance to IT resources on secure configuration of systems, permissions, new projects, products & relationships
12. Scripting and automation of common tasks/procedures
13. Participation in industry led events and keeping up-to-date with industry trends

Mandatory Skills:

1. Bachelor’s degree in related field from red brick university
2. Strong understanding of Information Security within an enterprise environment
3. Responsive and adaptive in a dynamic, collaborative work environment
4. Service oriented, accurate, effective and independent working style, even under pressure
5. Driven and self-motivated person with the ability to maintain the highest level of confidentiality

ESSENTIAL

1. 1. Knowledge of security systems including proxy servers, firewalls, intrusion detection systems, authentication systems, log management, content filtering, data leakage protection, endpoint tools, etc.
   2. Knowledge of coordinating responses to security incidents, or operating in a SOC environment
   3. Knowledge of IT infrastructure (virtualization, security and network services)
   4. Strong scripting/programming language experience (e.g. Python/Powershell)
   5. Conduct vulnerability assessment and remediation to a high security standard
   6. Strong understanding of identity management, supporting protocols and applied cryptography
   7. Intrusion analyst skills (traffic analysis, event correlation) and analysis/tuning of IPS/IDS/SIEM/DLP/EDR deployments
   8. Ability to analyse and interpret network, system, security and application logs in order to diagnose faults and spot abnormal behavior
   9. Excellent understanding of information security principles and practices
   10. The ability to express yourself clearly and logically both orally and in writing (English)
   11. The ability to produce high quality, written security documentation

Nice-to-Have Skills:

1. DevSecOps skills for reviewing and support Infrastructure as Code (IaC) or CI/CD piplelines is a plus Experience in DLP analysis and tuning
2. Security related certifications is a plus
3. Master’s degree in Cyber Security
4. Desire to work in a financial/regulated environment.