Cybersecurity Engineer

Cybersecurity Engineer

Principle Accountabilities

• Execute comprehensive enterprise information security and IT risk management program to ensure effective controls based on ISO 27001 and CIS are present to protect company assets
• Manage the continuous maintenance of the IT network, servers, user identity and devices to ensuring optimum security levels are maintained.
• Implement and manage security infrastructure firewalls, Secure Access Service Edge for the company’s users.
• Vulnerability assessment and Penetration testing of applications and perimeter using tools such as OWASP ZAP, support DevSecOps process.
• Analyze IT security threats in real-time and mitigate the threats; secure configuration of all IT assets.
• Ensure that newly-acquired technology complies with the IT security regulations and conduct regular vulnerability assessments on all online resources and present periodic updates on IT network security to the board audit committee to ensure no internal breaches or misuse of data take place.
• Responsible for managing information system security incidents, including investigation, recovery and prevention works.
• Participate in architectural discussions to work through risk, security, and compliance concerns and give inputs for architecture decisions on all aspects of security solutions.
• Attend training session to broaden and master skillset into advanced and emerging areas of cybersecurity.
• Assist in preparing training material for employees on cybersecurity, its threats and countermeasures
• Provide updates as required to Compliance Steercos & complete assigned actions items so as to avoid nonconformities

Qualifications and Experience

• Bachelor’s degree with Information Technology specialization.
• 1- 3 years of experience in similar capacity
• Experience in conducting or participating in any application security penetration testing.
• Professional qualifications from following professional bodies ISACA; (ISC)2; or Global Information Assurance Certification (GIAC).
• Understanding of controls and frameworks and sound knowledge in network security controls, operating systems and incident response management.
• Good planning & organizing skill, quality focus and Attention to detail is mandatory.