This role will be key in the overall security and drive the compliance function across IP Network Engineering (IPNE) – leading on cybersecurity initiatives and ensuring compliance with organization policies and standards.
Performs planning role for key security platform tools like SIEM/PIAM/IAM/MFA/FW/IPS/VA to protect Critical Information Infrastructure.
Responsible for Security infrastructure (SIEM//IAM/PIAM/MFA/FW/IPS/VA) planning and delivery.
Undertake new security projects to improve the security controls, efficiency & ease of use and meet the compliance needs.
Provide consultation on security matters to IPNE service teams & stakeholders and ensure acceptable cybersecurity practices is in place as per organization cybersecurity policy and standards.
Actively identify issues related to cyber security control effectiveness & action plan to mitigate them, track the mitigating measures and report through dashboard.
Ensure adherence to Cybersecurity Risk Management Process is effective for all in-scope infra and engagement with 3rd party service providers.
Maintain the risk register, deviation requests & their mitigating control implementation and escalate issues arising from non-compliance with the policy and standards in timely manner.
To work with internal team to prepare for the internal/3rd party security compliance audit & provide evidence for security, compliance & maturity in line with organization & regulatory security requirements.
Required to keep abreast of the latest security best practices and technologies in the industry as well as the emerging threats and vulnerabilities and on this front, recommend appropriate controls or mitigations to improve security postures within IPNE.
Participate in cybersecurity exercise planning as necessary with respective stakeholders, and contribute to review test plan, recovery plan and playbooks.
The Ideal Candidate should have/be:
Degree in Computer Science, Computer Engineering, Information Technology or Engineering
Minimum 5 years’ relevant experience in the Information and/or Cybersecurity
With 2 or more years’ experience in implementing security platform & compliance
Strong technical background in security risk management, security enforcement and compliance.
Solid understanding of security protocols, cryptography, authentication, authorisation and security
Implementation & planning experience in firewall, IPS, IDS, VPN, authentication, patch management, network security, web & database security, SIEM, PIAM, VDI and endpoint security.
Possess one (or more) of the following security certifications: CISSP/CISM/CISA
Excellent interpersonal, presentation, writing and communication skill
Highly motivated and willing to learn new technologies and able to work under pressure
Team player and ability to work independently with minimal supervision.