About the Role:

As an Information Security Specialist, you will play a crucial role in ensuring the security of our systems, networks, and data. Your responsibilities will span a range of areas, including security implementation, risk assessment, incident response, auditing and compliance, monitoring and analysis, security awareness, and documentation. You will collaborate with various teams to identify potential risks, develop mitigation strategies, and maintain a robust security posture for our organization. Your expertise will be essential in maintaining compliance with industry standards and regulations while safeguarding our critical assets.

Responsibilities:

1. Security Implementation:
• Configure and manage security tools, intrusion detection/prevention systems, and endpoint protection solutions.
• Administer access controls and authentication mechanisms to ensure appropriate levels of access to sensitive resources.
• Implement encryption technologies to protect data in transit and at rest.
2. Risk Assessment and Management:
• Identify potential security risks and vulnerabilities through regular assessments of systems, networks, and processes.
• Prioritize risks based on potential impact and likelihood and work to develop mitigation strategies.
3. Incident Response and Management:
• Develop, maintain, and regularly test an incident response plan to address security breaches and cyber incidents.
• Coordinate with IT teams to rapidly respond to and mitigate security incidents.
• Conduct post-incident analysis to refine incident response strategies.
4. Security Auditing and Compliance:
• Perform security audits to ensure compliance with industry standards (e.g., ISO 27001, NIST) and regulatory requirements.
• Collaborate with internal and external auditors to provide evidence of compliance.
5. Security Monitoring and Analysis:
• Monitor network traffic and system logs for signs of unauthorized access or unusual activities.
• Analyze security data to identify patterns, trends, and potential threats.
• Generate reports and provide insights on security incidents and vulnerabilities.
6. Security Awareness and Training:
• Develop and deliver security awareness programs and training materials for employees.
• Promote a culture of security awareness throughout the organization.
7. Security Documentation:
• Help to maintain accurate documentation of security policies, procedures, and configurations.
• Document security incidents, investigations, and remediation activities.

Requirements:

• More than 4 years of experience in Information Security roles.
• Desired: Relevant industry certifications, such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), and CompTIA Security+.
• Strong understanding of security frameworks, standards, and best practices (e.g., NIST, ISO 27001).
• Proficiency with security tools and technologies, including Identity and access management solutions, Cloud security solutions, SIEM, and endpoint protection solutions.
• Knowledge of data protection regulations and compliance requirements (e.g., SOC2, PCI, SOX).
• Strong problem-solving skills and attention to detail.
• Excellent communication skills for collaborating with diverse teams.

#LI-AL1