Job Description

Full Time

• Post Date: October 4, 2021 18226

Position Overview The Security Analyst is a functional member of the IT Infrastructure team and will work closely with the other members of the team to maintain and enhance the information security program.
Key Accountabilities/Duties

• Monitor and advise on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended.
• Manage Web Application Firewall (DOSArrest) that is protecting all customer’s websites
• Maintain high availability and integrity of customer’s websites by managing monitoring tools (Weborion).
• Coordinate response to information security incidents.
• Develop and publish information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
• Assist with data classification assessment and security audits and remediation plans.
• Collaborate with IT management to manage security vulnerabilities.
• Perform network penetration tests, vulnerability assessment scans and risk assessment reviews.
• Develop, coordinate and review server hardening for platforms used within the environment.
• Review of logs pertaining to security of various platforms, namely server events and logs, network logs.
• Create, conduct and maintain user security awareness.
• Conduct security research in keeping abreast of latest security policies.
• Provide recommendation and remediation plan to address vulnerability findings
• Serve as an advisor to IT management on all Information Security issues
• Coordinate with other engineers on software or product patching or updates.
• Generate and renew Entrust SSL via ECMS portal
• Generate security reports on monthly basis
• Review privilege accounts used in customer’s environment
• Perform other security related duties as assigned.

Requirements:

• 
  
  • Degree in Computer Science/Information Technology or equivalent
  • At least 3 years’ experience in IT
  • Basic technical knowledge in IT network infrastructure, server platforms (Unix, Windows platform) and desktops (OS X and Windows XP and above)
  • Experience in using security tools (Security Endpoint solutions, HP ArcSight, QRadar, Rapid7 Nexpose, Tenable Nessus))

• Certified with one or more of the following: QISP, CISSP or CISA (Preferably CISSP)
• Be alert and able to react on security incidents in timely manner