POSITION SUMMARY

The successful candidate will be responsible to provide support to the development management and implementation of compang-wide information security activities with the aim of security company's information technology infrastructure and ensuring compliance with regulations. (eg., PCI-DSS, DICJ, internal controls, policies, procedures, guidelines)

This role is primariy involved in the analysis, troubleshooting and resolution of complex technical issues that impact the information security infrastructure at the data, application, operating system and network levels.

PRIMARY RESPONSIBILITIES

- To contribute to the development, maintenance & communication of Information Security Policies.
- To monitor compliance with the policy throughout the Organization and to develop procedures/guidelines for effetive security.
- To provide expert advice and consultancy, from IT security perspective, to IT Project Managers and business stakeholders
- To assist in the identification & tracking of information & systems that must be protected as part of the Company's information security program.
- To manage user access control privileges associated with enterprise level mission critical applications.
- To maintains an up-to-date log reflecting those in possession of sensitive information, the movement of this information from person to person, and the copying and destruction of such information consistent with information classification system requirements.
- To ensure all business applications include adequate security & control measures.
- To develop and monitor a formal procedure for reporting information security incidents & investigation.
- To monitor & advise on information security issues related to the systems & workflow to ensure internal security controls are appropriate & operating as intended.
- To evaluate the application development/implementation activities for possible vulnerabilities.
- To identify gaps and to ensure security & access controls are implemented in compliance with DICJ, internal controls, security policies/procedures/guidelines.
- To participate in disaster recovery planning & testing.
- To coordinate & execute IT security projects for the Company
- To take responsibilities for ensuring that information security issues are resolved and agreed actions are implemented within agreed timeline; provide written & verbal reports and status updates;
- To participate in periodic information system risk assessment that includes systems security, application security; network security, end-point & gateway security.

REQUIREMENTS

- Familiar with IT security concepts and framework.
- Experience with network security management tools and technologies such as Antivirus, firewall, IDS, VPN, LDAP, PKI, Vulnerability Assessment and packet sniffers.
- Good understanding of IT infrastructure technologies, architecture and concepts such as: Wide Area Networking, client-server relationships, databses, risk management and associated best practices.
- Good technical skills in MS Windows & basic Linux security
- Basic scriping experience in Windows and/or Linux would be beneficial
- Ability to identify opportunities & develop new ideas that will lead to security improvement.
- Ability to analyze diverse and complex problems and identify potentify potenial solution. Organized, responsive & highly thorough problem solver.
- Able to adapt to ever changing working conditions, environments and processes.
- Ability to perform work accurately and thoroughly with a high attention to detail.
- Experienced in incident management
- Bachelor degree in Information Technology Science (or equivalent)
- MCSE, CCNA or equivalent
- Security related certifications from ISC2, EC-Council, CompTia+, etc. would be beneficial