Aufgaben
Objective of job
To safeguard the organization's information assets by proactively managing security risks, effectively responding to incidents, and continuously improving the overall security posture.
- Protect the organization's information assets by maintaining confidentiality, integrity, and availability.
- Proactively identify, assess, and mitigate security risks and vulnerabilities.
- Lead and coordinate effective responses to security incidents, minimizing impact and ensuring timely recovery.
- Continuously improve the organization's security posture through proactive monitoring, analysis, and implementation of security best practices.
- Ensure compliance with relevant security standards, regulations, and policies.
Job designation
- Security Incident Management
- Monitor and respond to security incidents in alignment with incident response protocols.
- Lead incident response efforts to ensure timely containment, eradication, and recovery from security threats.
- Conduct thorough investigations of security incidents, including log analysis, host-based and network forensic investigations, to determine the root cause and impact.
- Develop incident analysis and findings reports for management, including gap identification and recommendations for improvement.
- Coordinate investigation, containment, and other response activities with business stakeholders and groups.
- Vulnerability Management
- Conduct vulnerability assessments and manage remediation efforts.
- Continually identify, assess, report on, manage, and remediate vulnerabilities across endpoints, workloads, and systems.
- Security Operations
- Fine-tune incident detection and alert-triggering rules to minimize false positives and improve detection accuracy.
- Analyze and improve security measures by assessing and updating policies, configurations, and procedures.
- Maintain situational awareness by tracking emerging threats, attack patterns, and tactics, techniques, and procedures
- Develop and maintain documentation, playbooks, and standard operating procedures.
- Perform onboarding of new team members and facilitate smooth integration.
- Help develop processes used for internal and external planning and collaboration.
- Provide technical and administrative support for day-to-day operations.
- Collaboration and Communication
- Collaborate with IT and RD application teams to ensure security is integrated into all stages of the software development lifecycle.
- Provide security training and awareness programs for employees.
- Communicate security status, risks, and incidents to executive leadership and other key stakeholders.
Qualifikationen
Qualification
- Technical Skills and Knowledge:
- Strong understanding of security operations concepts, incident response methodologies, and vulnerability management principles.
Hands-on experience administering and configuring security tools such as SIEM, SOAR, firewalls, intrusion detection/prevention systems, and vulnerability scanners.
- Familiarity with scripting languages (e.g., Python, PowerShell) for task automation and tool customization.
- Knowledge of cloud platforms such as AWS, Azure, Ali Cloud or other cloud platform.
- Strong analytical and troubleshooting skills for rapid issue resolution under pressure.
- Excellent communication skills, both written and verbal, for technical and executive audiences.
- Adaptability and resilience in the face of evolving cyber threats.
- Proficiency in security frameworks and various compliance standards like ISO 27001, SOC, NIST, etc.
- Relevant certifications, CISA, CISSP, CISM
- > 5 years experience in security operations, incident response, threat detection and analysis, or similar roles
- Education: Bachelor's degree and above in Computer Science encompassing Information Security
Read Full Description