Design, implement, and manage advanced security solutions to protect the organization’s IT infrastructure, including networks, systems, and applications.
Perform security assessments, vulnerability assessments, and penetration testing to identify and remediate security weaknesses.
Develop and maintain security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
Lead incident response efforts, including investigating security breaches, conducting root cause analyses, and implementing corrective actions.
Monitor security systems, analyze security alerts, and take appropriate actions to mitigate threats.
Collaborate with cross-functional teams to integrate security best practices into all stages of the software development lifecycle (SDLC).
Conduct security training and awareness programs for employees to promote a culture of security within the organization.
Evaluate and recommend security tools, technologies, and solutions to enhance the organization’s security capabilities.
Stay up-to-date with the latest security trends, threats, and technologies to proactively address potential risks.
Mentor junior security engineers and provide technical guidance and support to the IT team.
Qualifications:
Bachelor’s degree in Computer Science, Information Security, or a related field. Master’s degree preferred.
5+ years of experience in cybersecurity, with a focus on security engineering and architecture.
Deep knowledge of security frameworks and standards, such as NIST, ISO 27001, and CIS.
Proficiency in security technologies, including firewalls, intrusion detection/prevention systems (IDS/IPS), security information and event management (SIEM), encryption, and identity and access management (IAM) solutions.
Strong understanding of network protocols, operating systems, and security architecture principles.
Experience with cloud security, particularly with platforms such as AWS, Azure, or Google Cloud.
Excellent problem-solving and analytical skills, with the ability to design secure solutions for complex environments.
Strong communication and leadership skills, with the ability to influence and guide stakeholders at all levels.
Relevant certifications such as CISSP, CISM, CEH, or OSCP are highly desirable.