Job Description:
Develop, maintain and direct implementation of information, network and
user security standards and best practices for the organization.
Experience in Team management and shift roaster preparation.
Experience in tracking Asset movement, IT incidents & security breaches.
Research, document, and track security incidents (internal/external) and make
recommendations for appropriate action(s) for remediation and develop additional
controls as deemed necessary.
Assist with new product implementation and patch management,
Educate and inform employees specific to Information security policies &
procedures as well as knowledge of latest information security threats and
vulnerabilities as it applies to the company.
Track the information security assessments and identify network vulnerabilities
and remediation steps.
Maintain a thorough understanding of standards and compliance regulations that
may directly impact the company.
Implement & manage the branch office’s internet, CCTV, etc.,
Coordinate information security awareness trainings.
Responsible for ensuring that the firm’s Information Security systems are
functioning in an optimal manner and that all BCP/DR goals are met through
testing on a scheduled basis.
Perform risk assessments to include, but not limited to, policy compliance review,
vulnerability analysis, penetration test and risk mitigation part of Corporate IT.
Regular propaganda of Information Security threats to improve the employee awareness
Conduct IT asset audits (Physical verification)/reviews periodically or as needed
Monitor organization's networks for security issues or breaches and investigate
violations when they occur.
Required Skills & Knowledge
: 5-7 experience in handling Corporate IT Infra such as Asset management, Team
management, Network support & Security assessments.
Ability to identify the risks and mitigate vulnerabilities and how to avoid them.
Understanding of firewalls, proxies, SIEM, Antivirus, EDR and SSO concepts.
Fundamental knowledge of IP networking, Routing & Switching, Firewall,
System Administration, Active Directory Group policies and Information
Security standards.
Strong understanding of Operating Systems: Windows, Linux & Macintosh
Experience in handling Information Security issues and appropriately
proposing the remedies for the same.
Experience with network, vulnerability and penetration tools and techniques.
Ability to apply critical thinking and logic to a wide range of intellectual and
practical problems.
Experience in handling the technical and non-technical issues/peers to research and
identify the root cause.
Information Security audit or IT Security certification knowledge.
Knowledge in ISO27001, ISO 27701, ISO 22301, PCIDSS, SOC2, compliances are good.
Knowledge in Jumpcloud, Sentinelone tools and applications such as Ameyo,
Ozonetel, Exotel would be preferred.
Strong verbal communication and collaboration skills including the ability to work with
both.
Ability to maintain composure under pressure and work calmly during an emergency.
Ability to manage multiple tasks and schedules.
Experience in Information Security assessments & Policies
Experience handling Mobile Device Management (MDM) solutions, DLP concepts
will be an added advantage.
Disclaimer:
This job description is intended to outline the general nature and key responsibilities of the position. It is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the role. The responsibilities and qualifications described may be subject to change, and other duties may be assigned as needed. Employment is at-will, meaning the employee or the employer may terminate the employment relationship at any time, with or without cause, and with or without notice.
Data Utilization Disclaimer:
By applying for this position, you acknowledge and agree that any personal data you provide may be used for recruitment and employment purposes. The data collected will be stored and processed in accordance with our privacy policy and applicable data protection laws. Your information will only be shared with relevant internal stakeholders and will not be disclosed to third parties without your consent, unless required by law.