申请该工作

关闭

职位介绍






  • Creating IT Security catalog / repository and conduct Info Sec. documentation reviews

  • Reviewing, revising, and, where appropriate, proposing new policies and procedures to ensure compliance with applicable laws and regulations or standards

  • Working with Clients / staff to develop new or updated policies

  • Managing feedback and plans from audits for multiple clients

  • Identifying major risk factors for IT Governance and developing and coordinating the implementation of strategies to reduce/remediate process, operational, regulatory and compliance risks

  • Providing support and oversight to Company’s various IT /IS audit projects and testing initiatives, including audits of its internal controls

  • Ensuring that the appropriate IT controls are considered throughout new system implementation projects and reviewing documentation for new IT processes that impact compliance, as required

  • Deliver security services such as penetration Testing, Vendor Security Products implementation, GRC Audit and Implementation services to clients. The services include technical security assessments of applications and infrastructure, security design reviews as well as risk assessments.

  • Perform application and infrastructure Cyber Security Assessments, as well as physical security review and social engineering tests for our global clients

  • Review and define requirements for information security products implementation.

  • Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets





Sr.




Dimension




Task






1




  • Security Product Implementation
  • IBM, McAfee, Symantec, Kaspersky security product implementations









2




  • Penetration Testing (Good to have)
  • Have understanding of tools and technologies for performing Penetration Testing.









3




GRC




  • Have understanding of GRC products for RA






 






KEY RESPONSIBILITIES


1 – Business Understanding



  • Increase knowledge base regarding technical products.

  • Span includes (and not limited) to security assessments and products.   


2 –  Technical products learning



  • Self-learning ability to learn new products of same portfolio.

  • Should be convenient with scripts, tools and web searches.

  • Can train his peers on new technologies. 


3 – Research and programming



  • Willing to do programming tweaks. Should not be language dependent.

  • Adaptive learning is a MUST to have ability.

  • Ability to do search solutions independently.

  • 60 % scenarios demands programming skills.  


4 – Training & Development



  • Identify key skills, specialty skills and propose training needs accordingly.

  • Learn new tools and technologies and provide training to peers on the tools.

  • Managing, communicating and delivering important technical product projects that impact Information security department of the organization.






KEY PERFORMANCE INDICATORS



  • Maintain and Cover the technical processes and documentation diligently and on time

  • Understand the importance of client relationship environment.

  • Establish and maintain a strong and progressive work culture within the department.

  • Willing to learn new technologies.

  • Proactively handle issues and concerns during onsite deployments.






KEY SKILLS


SPECIALIZATION



  • CEH, CISSP, OSCP or any security vendor certification would be preferred.

  • Any certification in the LA ISO27001, ISO 27005, ISO 27701 and experience within the field.

  • Security Products experience would be preferred.

  • Good understanding of network protocols, design and operations

  • Ability to architect and drive change

  • Ability to lead in a global environment

  • A flexible team player with a proven ability to work successfully in a matrix-reporting environment

  • Be able to conduct Risk Assessment & Reviews based on ISO27000 standards with additional exposure to multiple standards an added plus


TECHNICAL



  • Sound knowledge of Information Security and penetration testing concepts

  • Familiarity with IP network architecture technology and protocols, Windows and Linux operating systems, routing, web technologies and protocols, firewall configuration and rule maintenance, common programming and scripting languages, SQL databases and queries, and OWASP

  • Understanding of latest technology stacks.

  • Exposure to various info sec tools


GENERAL



  • Must have a college education with an under graduate or post graduate degree.

  • Excellent written and verbal communication skills to present and interact with different stakeholders in global settings

  • Excellent analytical and problem solving skills

  • Self-motivated, having a passion for learning

  • Be able to train other resources.

  • Willingness to travel

  • Willingness to learn





工作详细内容

全部职位:
1 发布
工作时间:
早班
工作类型:
工作地址:
性别:
没有偏好
最低学历:
学士
学位头衔:
CS/IT/SE
职位等级:
资深专业人员
经验:
6年 - 8年
在之前申请:
Jul 02, 2021
发布日期:
Jun 01, 2021
显示基本信息 浏览全部工作信息

你最大的竞争优势

快速得到有竞争力的分析和专业的对你的评定
联系我们团队的专业顾问来提升你的简历
尝试罗资 专业版

Kualitatem Pvt Ltd

· 51-100 员工 - 拉合尔

Kualitatem is a leading Independent Software Quality Assurance (QA) and Testing company, providing services across the globe. Kualitatem's award winning team inspires their clients to outsource their testing needs to the multidimensional and experienced pool of professionals for in depth analysis. K ...阅读更多

相同职位头衔

Information Security Engineer

Soloinsight Pvt. Ltd., 拉合尔, 巴基斯坦
发布 Jul 15, 2021

Information Security Administrator

CureMD, 拉合尔, 巴基斯坦
发布 Jul 29, 2021

Information Security - Pentester

HR WAYS (PRIVATE) LIMITED, 卡拉奇, 巴基斯坦
发布 Aug 03, 2021

Information Security / Compliance Consultant

Kualitatem Pvt Ltd, 拉合尔, 巴基斯坦
发布 Jul 24, 2021
浏览全部