As a Senior Information Security Engineer/Manager, you play a critical role in developing, implementing, and maintaining the information security strategy and procedures for our organization. Your primary responsibility is to ensure the protection of our data and information systems while effectively responding to security threats. You'll be responsible for assessing and managing potential security risks, maintaining compliance with regulations, leading security awareness programs, and collaborating with various teams to incorporate security best practices into our IT projects. Your expertise will be instrumental in evaluating and deploying new security technologies and tools to enhance our defense capabilities.
Develop, Implement, and Maintain Information Security Strategy: You will be responsible for formulating, implementing, and sustaining the company's information security strategy and related procedures. This strategy should align with industry best practices and evolving threat landscapes to protect our organization effectively
Risk Assessment and Management: Identify and evaluate potential information security risks and vulnerabilities, then propose and implement improvements to enhance our security posture continually
Security Monitoring and Incident Response: Vigilantly monitor the network and systems for security incidents, including intrusion detection and emergency response. Swift and effective handling of security threats is a top priority
Policy and Compliance Management: Collaborate on the development and maintenance of security policies and standards. Ensure that these policies and standards align with applicable laws and regulations, and regularly review and update them for ongoing compliance
Security Training and Education: Lead information security training and education initiatives to increase awareness and knowledge among all employees. A well-informed workforce is a critical aspect of our security strategy
Cross-Team Collaboration: Collaborate closely with internal teams to integrate security best practices into daily IT projects. Ensure that security considerations are seamlessly woven into our company's culture and operations
Evaluation and Deployment of New Technologies: Assess and deploy new information security technologies and tools that enhance our defense capabilities. Stay up-to-date with industry advancements and emerging threats
Vendor Collaboration: Work with third-party vendors to evaluate and select security solutions that align with our organization's unique requirements, ensuring that we remain protected against potential threats
Incident Recording and Reporting: Maintain thorough records of security incidents and actively participate in investigations and the implementation of solutions. These actions are essential for the continuous improvement of our security measures
Education: Hold a bachelor's degree or equivalent qualification. Candidates with experience in a relevant field will receive preferential consideration
Experience: Possess a minimum of 5 years of information security work experience. Having relevant information security certifications, such as CISSP, CISM, CEH, is an advantage
Technical Knowledge: Demonstrate a deep understanding of information security technologies, including but not limited to firewalls, intrusion detection systems, security information and event management (SIEM), and more
Compliance Familiarity: Be well-versed in key information security standards and regulations, such as ISO 27001 and GDPR
Problem-Solving Skills: Exhibit excellent problem-solving and analytical skills, capable of addressing complex information security challenges
Communication and Leadership: Demonstrate strong communication and leadership abilities, enabling effective collaboration among different departments
Crisis Management: Prior experience in crisis management and emergency response is advantageous
Continuous Learning: Maintain vigilance regarding information security trends and new technologies, with a commitment to continuous learning and professional advancement
The IT Services Company is seeking a skilled Security Engineer who is passionate about security and holds extensive expertise in the field. In this position, you will be responsible for designing, implementing, and overseeing security measures to safeguard our computer systems, applications, and infrastructure. This includes handling aspects such as WAF, DDoS, DNS, Networking, VPN, and more.
We are currently seeking a capable Sr. Security Engineer to take charge of our company's security operations. this role will be responsible for the strategic planning, coordination, execution, and reporting of technical assessments and audits related to networks, applications, system development, and IT processes. The primary objective is to fortify our defenses against cyber threats and potential attacks.