IT Security Consultant
تفاصيل الوظيفة
Security (Information & Communication Technology) Full time This role is responsible for managing information risk, ensuring compliance with Security Standards practiced by the services/organization, and providing security support on applications and projects to prevent the unintentional, unlawful, or unauthorized disclosure, alteration, or destruction of IT resources. KEY RESPONSIBILITIES:
- Manage operational IT Security for a high availability financial service and work on reporting & improvement, as well as facilitate audits and training.
- Drive analysis & handling of security vulnerabilities & incidents.
- Establish, maintain, and review compliance with Operational Security processes and procedures periodically to ensure these are met and monitored.
- Establish, maintain, and review strict access control to information and IT systems according to business needs and access policies.
- Perform Access Management activities (grant, change, and revoke access privileges).
- Establish and maintain an environment that complies with the Payment Card Industry Standards & Requirements, the Information Security Management Framework, and other applicable security standards and baselines.
- Monitor and manage security controls (system settings, logs, alerts, audit trails, attempts, violations, faulty logons, lockouts, etc.).
- Work closely with clients/application/infrastructure owners in applying and implementing new security changes/solutions (e.g., protection concept, security specifications, architecture and design, security assessment).
- Exposure and work on Security Operation Center (SOC) tools, maintenance, and operations support.
- Knowledge/exposure on baseline controls (environmental controls, application generic control, third-party access controls, and legal and regulatory controls).
- Understanding and exposure to working with external auditors on ISAE 3402, PCI-DSS compliance, and other mandatory standards (health and safety, ISO/IEC 27001:2005, 27002:2005, and 27005:2008).
- Self-starter who can work autonomously and independently and is willing to learn and explore compliance and IT security.
- Good written and verbal communication skills, with the ability to interact productively across internal/external stakeholders, auditors, and functions.
- Broad understanding of security technology, IT security standards, and compliance.
- University degree, followed by depth experience in Governance or Compliance with a focus on IT security.
- Overall 2 - 5 years working experience in the IT industry with at least 2 years’ experience in IT Security & Compliance.
- Self-motivated and able to work independently as well as a team player.
- Good to have: Cards and Payment domain knowledge, exposure or understanding of PCI DSS, PCI PA-DSS, security industry standards, IT Security and Assurance, TIA knowledge/practice, infrastructure security knowledge/practice, multiple OS and AD knowledge practice, and SIEM knowledge/practice.
- Experience in an IT operations-related field such as IT Security, IT Admin, disaster recovery, or maintenance of SOC tools.
Apply safely
To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.