Job
Description
YOUR TASKS AND RESPONSIBILITIES: Oversee security alerts and incidents, executing timely responses to mitigate potential risks and minimize operational impact, Collaborate with IT and security personnel to implement and verify the effectiveness of comprehensive security protocols, Remain updated on current cybersecurity developments, threats, and industry best practices to enhance the organization's security framework, Monitor and evaluate operational logs, event console activities, intelligence feeds, and pertinent data to detect security-related occurrences and trends, ensuring compliance with established industry standards and regulations such as ISO 27001, NIST, and GDPR, Develop and refine cybersecurity processes and protocols, ensuring adherence to relevant industry standards and regulatory requirements, Perform analysis and testing to identify vulnerabilities, misconfigurations, or other security exposures Conduct root cause analyses and investigations to recommend prevention strategies and configuration modifications, Execute penetration testing to identify vulnerabilities within infrastructure, web applications, and other systems, differentiating between vulnerability assessments and penetration testing methodologies, Investigate incidents and respond to events in real time, WHO YOU ARE: BS or MA in computer science, information security, cybersecurity, or a related field, though relevant working experience may be considered an equivalent with 8+years of experience Experience in IT audit, network operations, enterprise risk management, penetration testing, red team/incident response, or as a junior security operations analyst Experience with regulatory compliance and information security management frameworks, such as ISO 27000, COBIT, and NIST 800, Professional certifications such as CCP-SIRA (Senior), CISSP, and ISACA certifications, along with familiarity with standards like BSI ISO 27001 and PCI DSS Further certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), CompTIA, EC-Council (CSA) SOC Experience monitoring SIEM systems and tools Experience with network and security technologies, such as firewalls, IDS/IPS Experience configuring and utilizing vulnerability assessment technologies Experience with monitoring networks, detecting threats, and responding to incidents
