Responsible for being the Subject Matter Expert (SME) for Information Security Incident Response Actions, ensuring incidents are properly triaged, addressed, tracked, and closed.
Create Incident Response Playbooks and help in developing Standard Operating Procedures (SOP).
Responsible for performing internal and external security assessments/testing to validate the effectiveness of current security infrastructure using commonly available security assessment tools and make recommendations to remediate identified risks or vulnerabilities.
Responsible for review and audit of assets such as VPN, Firewall, & IDS/IPS Configuration & Management.
Responsible for assisting in the development of appropriate security related policies, procedures, guidelines, standards, benchmarks/metrics and/or processes for network infrastructure, servers, firewalls, intrusion detection/prevention (IDS/IPS) appliances and software.
Responsible for monitoring, management and review of network security components and event management applications, as well as the ability to make prudent recommendations for improving overall network security.
Responsible for assisting in various projects to ensure corporate governance of security and compliance with applicable regulations.
Generates Information Security metrics and reports for executive leadership
Liaisons with Legal for vendor management, e-discovery, and basic forensics
Directs Security Awareness Training for employees
Develops policy documentation
Qualification
Acts responsibly with sensitive and confidential information
Is creative and resourceful as a problem solver
Consistently demonstrates the drive to deliver successfully even under difficult timelines
Has strong analytical, methodical, investigative and auditing skills
Knows when to make practical rational decisions that reduce risk to JobTarget information and Information systems
Good written and verbal communications skills
Good technical writing skills
A critical logical thinker who is efficient and methodical
TECHNICAL SKILLSGood understanding of the following:
Background in a security governance model such as NIST, ISO, PCI, or HIPPA.
Experience in developing cybersecurity policies and procedures
Familiarity with risk management frameworks.
Familiarity with Asset Management
Able to define and understand various lines of business and the relationship to cybersecurity roles, responsibilities, and risk management decisions.
Familiarity with access control management and strategies
Able to manage vulnerability remediation through use of mitigation strategies
Familiarity with security control assessments and procedures
Ability to perform audits of systems, software, and security controls
Familiarity with administering a corporate security awareness training program
Experience with vetting vendors and vendor management
Familiarity with legal and regulatory compliance requirements.
HIDS/NIDS
Network Monitoring Tools
Case Management System
Web Security Gateway
Email Security
Data Loss Prevention
Network Access Control
Encryption
Vulnerability Identification
Job Types: Full-time, Fresh graduateSalary: Php60,000.00 - Php80,000.00 per monthBenefits:
Paid training
Schedule:
8 hour shift
Supplemental Pay:
13th month salary
Education:
Bachelor's (Preferred)
Experience:
NIST, ISO, PCI, or HIPPA.: 1 year (Preferred)
auditing systems, applications, networks for security risks: 2 years (Preferred)
Beware of fraud agents! do not pay money to get a job
MNCJobz.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.