| Job Description |
The Information Security Engineer’s role is to protect the confidentiality and availability of software, systems and information . The position is responsible for maintenance of the information security program, researching, recommending and implementing changes to procedures and systems to enhance information system security.
Work with management to recommend, develop, and administer enhancements to the information security program, all IT related policies, and the IT risk management program.
Perform risk assessments of existing IT related systems, processes, and new initiatives as required. Participate in 3rd party vendor and risk management program assessments, which includes current and new vendor relationships; participate in 3rd party information security audits and penetration tests to proactively mitigate information security risk.
Assist with the review of user access for all systems. Assist with the daily monitoring of external and internal programs and systems as it relates to information security. Research, recommend and implement changes to procedures and systems to enhance information system security.
Gather security related information across multiple electronic, computer and development environments. Identify, summarize, review, and report potential/actions .Respond to information security incidents, distributing security alerts to responsible technology and business owners, and assist with internal information security Perform ongoing security quality assurance testing, and report the results to management Participate in the development of technical security standards for system platforms, and perform platform vulnerability management.
responsibilities include and not limited to
1 - Responsible for FW's and other Security devices
2 - Develop, implement and review Information Security Policies to ensure relevance and applicability
3 - Provide security advice for Information System projects and business initiatives
4 - Investigate information security incidents and recommend corrective action
5 - Research, investigate and recommend new technologies and business practices within the scope of information security
6 - Assist in risk management assessments and audits, business continuity Disaster Recovery issues and plans
7 - Perform a daily security monitoring and alert analysis from the security applications logs
8 - Perform security analysis for our environment
9 - Perform periodically vulnerability assessment and penetration testing
10- Perform FW rules review
11- Follow up with systems updates and Security batches
12- helping us to implement ISO 20000 and 27001 requirements |
