We are seeking an experiencedÂ InfrastructureÂ Security individual to join a team supporting anÂ enterprise-wide infrastructure. The incumbent will be expected to respond promptly and decisively against security threats, perform vulnerability assessment, and implement improvement programs.
- Degree in Computer Science, Engineering or Information Technology;
- Keen interest and knowledge on cyber security technologies and malware analysis;
- Good experience in the development, management, deployment and support of security infrastructure;
- Experience in vulnerability testing with manual and automated tools as well as analysis withÂ recommendationsÂ and remediation;
- Prior experience in workingÂ with vendors to evaluate security technologies and working on proof-of-concepts (POC);
- â€‹Strong understanding of:
- Intrusion Detection System (IDS), Intrusion Protection System (IPS);
- End-Point Security software\’sÂ (Sophos, Endpoint Protector);
- Email Security Products (HPE SecureMail, ProtonMail);
- Security Information & Event Management Systems (SIEM Splunk), WAF(Imperva);
- Good interpersonal and presentation skills;
- Able to work in a team and also independently.
- Security certifications like CISSP, GSEC or CISA.
- Lead inÂ definitionÂ and implementationÂ of the secure infrastructure for the organization to supportÂ the enterprise-wide network and platforms;
- Responsible for the overallÂ technical design specific to security for the infrastructureÂ elements (Windows servers, storage, virtualization, backup, etc.), network connectivity, systems integration (Middleware,Â Web Services, EAI)Â and hosting requirements;
- â€‹Responsible to perform vulnerability assessment using automated and manual tools with recommendation for actionable remediation controls;
- Identify security gaps, perform threat risk assessmentsÂ and propose mitigating measures as well as security improvement programs;
- Participate in incident response lifecycle that includes performing assessment of current infrastructure defenses against identified threats and proposing mitigating measures;
- Partner with various vendors on evaluation of security technologies including laboratory setup and proof-of-concepts;
- Provide consolidated executive dashboards, presentation and communication decksÂ on various security assessments and industry updates.