Main Duties and Responsibilities

To assist & involve in overseeing information security, IT risk management programs and risk management frameworks and administer of IT security solutions.

Detail Duties and Responsibilities 

• Support in managing IT security projects
• Assist IT teams in implementing IT security controls
• Support gap analyzing and reviewing security controls implementation for mandatory compliance standards such as PCI DSS, CMB-NET and Swift Mandatory Security Controls, and Western Union Security Requirements.
• Review and advise improvements to security technical setups and configuration to ensure compliance with organization policy/standards and regulatory requirements
• Regularly review the effectiveness of security controls such as firewalls (Web, Database), IDS/ IPS, VPN, Endpoint protection system, Data Loss Prevention, File Integrity Monitoring and Vulnerability management system, etc. Provide necessary assistance to review
• Conducting internal vulnerability scanning activities
• Evaluation of vendors for new security solutions based on organization’s evaluation criteria 
• Conducting security assessment for new technical systems before going live to production and critical systems frequently. 
• Identify, assess, assist response plans for technology/information risks 
• Participate in tracking, monitoring and timely respond to security threats and incidents via SIEM system and according to predefined policy and procedures 
• Prepare Information Security weekly report
• Configuration, fine-tuning, monitoring, managing Cloud WAF/DDoS protection, Endpoint security, File integrity monitoring, SIEM systems, etc.

Qualifications

• Bachelor's degree or equivalent experience in Cybersecurity, Information Technology, Computer Science or related field
• Strong knowledge of Cybersecurity and Information Security principles
• Strong understanding of security standards such as PCI DSS, ISO 27000 Series, etc. 
• Technical clarity and understanding of Firewalls, VPN, Multifactor Authentication, IDS / IPS, Endpoint Security, Security Information and Event Management (SIEM), etc. 
• Administration and managing the Endpoint Security Systems § Administration and managing the File Integrity Monitoring Systems 
• Administration and managing the SIEM Systems 
• Configure the Cloud Web Application Firewall rules and DDoS protection rules 
• Security Attestation and Vulnerability Assessments to critical systems
• Effective communication and interpersonal skills 
• Strong problem solving and analytic skills