Implement real-time oversight of security systems, including firewalls, IDS/IPS, EDR, XDR, WAF, SIEM, and email gateways, to promptly detect and mitigate threats in both on-premises and cloud environments.
Conduct regular vulnerability scans and risk assessments to identify security gaps, ensuring timely remediation across both on-premises and cloud environments and strengthening the security framework.
Establish and execute a comprehensive incident response plan for security breaches, encompassing investigation, containment, recovery, and post-incident analysis using SIEM and EDR/XDR tools.
Formulate and enforce security policies aligned with industry standards (e.g., ISO 27001, NIST, QCERT and NIA) to ensure compliance and enhance overall security.
Implement ongoing security training and awareness programs to educate employees on best practices and emerging threats, fostering a security-conscious culture.
Establish robust access controls to limit data exposure based on user roles, ensuring only authorized personnel can access sensitive information.
Integrate threat intelligence feeds to stay updated on emerging threats and vulnerabilities, enhancing proactive defense measures.
Conduct periodic security audits and penetration testing to evaluate the effectiveness of security measures and identify areas for improvement.
Prepare and submit regular compliance reports to management, highlighting adherence to security policies, incident responses, and ongoing security initiatives.
Qualifications:
3-5+ years of experience in the following:
Network and system security devices and tools.
Infrastructure Services Governance.
Vulnerability scanning and assessments.
Security incident response management.
Enforcing industry security policy standards and frameworks.
Configuring and integrating threat intelligence feeds.
Writing security reports, policies, and procedures.