Safeguard information systems by identifying and solving potential and actual security threats and applying and maintaining appropriate controls.
Requirements
- 4-5 years' IT experience (essential), which should include IT security
- B degree in computer science, electrical engineering, process engineering or Information Technology, or equivalent
- Industry security certification (e.g. CCNA, CCNP, CISSM, CISSP)
- A passion for cyber security and a keen interest in IT
- IT skills, including knowledge of computer vulnerability assessment, threat modelling, networks, operating systems and software security
- Experience working in AWS or Azure with a strong desire to further one's skills
- Working knowledge of a SIEM platform, with a focus on SIEM configuration and management, log management, incident detection and response, threat intelligence integration, data analysis, and documentation and reporting
- An understanding of the cyber security risks associated with various technologies and ways to manage them
- Working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus
- Keep up to date with the latest security and technology developments
- Research/evaluate emerging cyber security threats and ways to manage them
- Plan for disaster recovery and create contingency plans in the event of any security breaches
- Monitor for attacks, intrusions and unusual, unauthorized or illegal activity
- Test and evaluate security products
- Use advanced analytic tools to determine emerging threat patterns and vulnerabilities
- Engage in 'ethical hacking', for example, simulating security breaches
- Identify potential weaknesses and suggest measures to implement
- Investigate security alerts and provide incident response
- Monitor identity and access management, including monitoring for abuse of permissions by authorized system users
- Liaise with stakeholders in relation to cyber security issues and provide future recommendations
- Generate reports for both technical and non-technical staff and stakeholders
- Maintain an information security risk register and assist with internal and external audits relating to information security
- Monitor and respond to 'phishing' emails
- Assist with the creation, maintenance and delivery of cyber security awareness training for colleagues