We’re looking for a candidate to fill this position in an exciting company.
Manage cybersecurity projects & coordinate with global site IT and vendors to deliver security solutions and initiatives timely.
Organize penetration and vulnerability scans with external testers and internal IT teams and follow up with their remediation and closures.
Monitor, investigate and develop strategies to lead security incident responses efforts and recover from security breaches.
Plan security awareness program and conduct security awareness trainings and initiatives.
Develop and maintain documentation on security playbook, policies, procedures and ISO27001 ISMS.
Working with all Group IT Pillars & business stakeholders to define security protocols and to secure IT systems.
Part of Group IT Cybersecurity Team to work closely with managed security provider, Global Site IT teams and serve as an escalation point for all security-related issues to troubleshoot and establish root cause for continuous improvement.
Degree in Information Technology/Information Security.
Min. 3 years of proven work experience in a similar cybersecurity role.
Strong experience and knowledge in enterprise security solutions such as Next-Gen Firewall (Fortinet), Endpoint Protection software (TrendMicro), PAM, SIEM, Email & Cloud Security, DLP, IAM, EDR.
High proficiency in IT security governance and architecture, including a knowledge of IT network security and cloud-based technologies.
Proven understanding of the current vulnerabilities, incident response, and mitigation strategies used in cyber security.
Knowledge of vulnerability assessment tools (Nessus), computer forensic tools, security incident response and methods.
Experience in performing security solutions POC, evaluation, testing and track record of security project management for successful implementation and roll-out.
Security certification (CISSP, CISA, CEH, OSCP) is an added advantage.
Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audience