INFORMATION SECURITY ANALYST
IT security experience in the application, systems or network layers Experience with security tools such as IDS, HIDS, FIM, Web Application Firewalls, vulnerability scanners.
Experience with encryption technologies, secure coding (Security groups, config rules, access controls, segmentation, logging and alerting) Scripting and coding abilities are a plus Excellent communication skills.
Classify and track incidents through identification and resolution. Operate vulnerability management tools, such Nessus, Burp Suite, etc. to perform internal and external vulnerability assessments.
Deploy, manage and monitor IDS/IPS and WAF, to identify and assess network and application layer threats. Serve as a point of contact for application, network, and cloud security inquiries.
- Participate in various security audits with external consultants like ISO 27001, PCIDSS, SOC1, SOC2. Prepare necessary security documentation and evidence during audits.
- Promote awareness of applicable security policies and standards. Implement or coordinate remediation required by audits, as necessary. Review of security documentation and architecture to provide approvals for application deployments, firewall rules, etc.
- Must have managed IT Security infrastructure, implementation projects including Designs, builds and delivers physical, logical and personnel Security measures to fulfil the Legal, Regulatory and business requirements.
Good knowledge in ISO 27001, experience of lead auditor specifications for a framework of policies and procedures that include all legal, physical and technical controls involved in an organizations risk management.
- Experience / knowledge on mobile OS (iOS, Android) is a plus
- Possess current security certifications, a plus (e.g., ISO 27001, CEH).
- DevOps (/DevSecOps) experience is a plus
- Ability to demonstrate feasibility of proposed architecture through mock-up / Prototyping
Share your updated resume to firstname.lastname@example.org