The scope of this position includes:
- Reporting to the Senior Director of IS Security, regular monitoring of all information security systems for cyber-attacks, intrusion attempts, and security breaches within the company, and timely responses to any violation ot threat;
- Lead security threat intelligence gathering on new or potential security threats, actively manage threat events, and lead the incident response, escalation, and forensics analysis.
- Act as the subject matter expert for all topics related to cyber and application security, and maintain expertise in current and emerging technologies;
- Monitor and scan for security vulnerabilities, threats and events in network, host systems and applications;
- Perform penetration testing to identify vulnerabilities and recommend safeguards as preemptive measures;
- Act as a focal point for IT security investigations, direct responses, an drecommend course of action;
- Develop strategies to handle security incidents and coordinate investigative activities;;
- Develop standard processes and documentation for security incident tracking and management, in all locations;
- Work closely with the business groups as a consultant to understand and deliver secure and reliable solutions to business problems;
- Indentification, selection and implementation of new Information Security an dCybersecurity capailities;
- Review and make recommendation on any expection request t o established security standards;
- Review SaaS, PaaS, IaaS and outsource provider performance data te identify trends and issues and deelop performance improvement plans;
- provide input to the CyberSecurity Delivery Technology Roadmap;
- Assist in architecting and implementing managed service solutions;
- lead future service delivery strategy development for information security with the latest technologies, intelligence, and potential threats;
- Understand and utilize change management, project management and incident management processes.
- Bachelor's Degree in Computer Science, Information Systems, or Engineering, or equivalent work experience with an information security focus;
- 5 of more years and extensive experience in Information Security Forensics, malware identification, penetration testing, intrusion detection and defense in depth concepts, and strategic thinking on security issues;
- Deep technical knowledge of current trends in cypersecurity, secure application coding methodologies and testing, host and network forensics, and cryptology;
- Hands-on experience and skill in the details of security threats, incidentresponse, and penetration testing;
- Possess strong skills to lead cross-functional teams (internal/client/vendor/onshore/offshore) and work collaboratively with all levels of technical and business teams;
- Possess solid written an dverbal communication skills, and polisghed presentation skills.
- Experience in inforamtion protection, information security and/or cybersecurity;
- Experience with intrusion Prevention Systems, Firewalls, Identity Management, and log correlation systems as well as their interrelationship with other IT systems;
- Strong knowledge and udnerstanding of cybersecurity operations as structured in NIST, ISO, ITIL, COSO and COBIT frameworks;
- Experience working with complex ERP software applications and integration projects;
- Ability to work independently, driven to hunt for potential threats, as well as collaboratively in a cross functional team;
- Ability to motivate people, instill accountability and schieve results;
- Security certifications including CISSP or Certified ethical hacker,would be a plus.