We are looking for a Cyber Security Lead to join our multi-disciplined IT & Security team, working closely with internal and external stakeholders to ensure the cyber security objectives of the organization are met and excelled.
Tasks & Responsibilities
- You will be responsible for various tasks, including process re-engineering and documentation of activities related to this area.
- Ensure that ancillary processes (3rd party risk, assessments, ) accurately reflect control requirements
- detect insecure features and malicious activities within our networks and infrastructure.
- implement customized application security assessments for client-based asset risk, corporate policy compliance as well as conduct vulnerability assessment.
- Drive strategy for security awareness management and identify opportunities to improve visibility and sophistication of response capability
- Review and facilitated approval for Security related policies and security initiatives
- Creates actionable insight and understanding, through the analysis of both quantitative and qualitative data, building recommendations that directly address cybersecurity and business fraud identification objectives
Key Skills
- Experience with application and infrastructure penetration testing and associated frameworks i.e. MITRE ATT&CK framework for both blue team and red team activities (purple team).
- Continue to build and enhance secure application design and development policies and practices
- Experience with international security requirements and standards (EU Data Privacy, Safe Harbor, PII, data transfer, GDPR, HIPAA, FEDRAMP, NIST, GRC, ISO 27001, 27002, NERC-CIP, SOC2, FISMA, CIS v7) is required
- Ability to present risks and propose countermeasures to senior technology executives
- Ultimately, you will work to ensure the security of our business information, employee data and client information throughout our entire network.
- Experience with network, host, and application anomalies and alerts raised by automated systems, such as SIEM, NGW, APT and end-point protection