Cyber Security Engineer

• Protecting computer systems and networks.
• Develop & maintain Information Security Plans and Policies with yearly review or as need arise.
• Develop & maintain hardening checklist by adopting industrial best practice and review yearly.
• Plan and carry out an organization's information security strategy. Develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed.
• Develop strategies to respond to and recover from a security breach.
• Educating the workforce on information security through training and building awareness.
• Use of firewalls and data encryption programs to protect organizations sensitive information. Also assist computer users with installation or processing of new security products and procedures.
• Conducts quarterly scans of networks to find any vulnerability.
• Conduct bi-yearly penetration testing, in which they simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.
• Must constantly monitor organizations networks and systems for security breaches or intrusions with software that helps to notify of intrusions and watch out for irregular system behavior.
• Leads incident response activities to maximize the impact. Afterwards, lead a technical and forensic investigation into how the breach happened and the extent of the damage. Prepare reports of the findings to be reported to management.
• Play a "hands on" role in the above mentioned areas when required by the situation, ensuring delivery in the different areas of responsibility.
• Follow up and optimize the contracts and Service Level Agreements in the areas of responsibility, both in offered services and value for money, as well as structuring their monitoring and delivery through the ISO9001, ISO20001, ISO27001, ISO14298 & PCI standard of operating processes.
• Report in a time fashion to the Head of Unit and Head of Division and ensure availability and consistency of appropriate management information by areas.
• Follow up and evaluate emerging technologies.
• To carry out any other duties and job functions as and when required by the Company or persons acting on behalf of the Company.

Competencies

• Strong organizational skills.
• Very good interpersonal and negotiating skills.
• Ability to work within a team and handle internal and external contacts.
• Capacity to co-ordinate projects and external teams.
• Analytical and problem solving skills.
• Facility for technical report writing.
• A disciplined approach to organizing work and priorities and to documenting work.
• A strong multi tasker with a keen eye for detail, can think one step ahead of criminals. Well organized and thrive in fast paced, high stress scenarios.
• Direct experience with anti-virus software , intrusion detection, firewalls and content filtering.
• Knowledge of risk assessment tools, technologies and methods.
• Experience designing secure networks, systems and application architectures.
• Knowledge of disaster recovery, computer forensic tools, technologies and methods.
• Experience planning, researching and developing security policies, standards and procedures.
• Professional experience in a system administration role supporting multiple platforms and applications.
• Ability to communicate network security issues to peers and management.
• Ability to read and use the results of mobile code, malicious code and anti-virus software.

Job Requirement

• At least 4 years working experience on related field.
• Bachelors Degree in IT/ Computer Science/ Computer Engineering/ Information System or equivalent. Specific training or certificates in security is an added advantage.
• Familiar with Industry's Security standards such as NIST and ISO/ IEC27001. Any relevant certification in Security or other relevant IT Security certifications.