AM Information Security

Job Description

  • Define and/or implement policies and procedures to ensure protection of critical infrastructure as appropriate.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
  • Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence) on information systems.
  • Participate in the Risk Governance process to provide security risks, mitigations, and input on other technical risks.
  • Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs).
  • Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
  • Assist in patching network vulnerabilities to ensure that information systems are safeguarded.
  • Monitor and evaluate the effectiveness of the enterprise’s cybersecurity safeguards to ensure that they provide the intended level of protection.
  • Conduct and/or support authorized penetration testing on enterprise network assets.
  • Execute and manage risk and vulnerability assessment processes.

Required Skills & Abilities

  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • Knowledge of Risk Management Framework (RMF).
  • Knowledge of Application Security Risks (e.g., Open Web Application Security Project Top 10 list).
  • Knowledge of SIEM deployment and management throughout its lifecycle.
  • Ability to perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.

Please share your resumes in MS WORD format at

Note: Please mention the position in the subject line. Only shortlisted