Your Duties :
- Identify, document, and assess information security vulnerabilities and risks in the information technology environment.
- Evaluate identified vulnerabilities and risks, working with business owners, risk management, and IT leaders.
- Identify tasks and controls necessary to re mediate identified risks and vulnerabilities; negotiate dates for remediation to be complete.
- Monitor appropriate sources for newly identified vulnerabilities, evaluate the risk such vulnerabilities pose to the organization???s information and systems, and advise management of appropriate measures to eliminate or reduce the organization???s risk or exposure to such vulnerabilities.
- Monitor appropriate industry sources to maintain awareness of new security tools and techniques and research those tools and techniques that have the potential to improve the organization???s ability to protect its information and infrastructure.
- Lead or participate in the development of security standards, processes, and procedures.
- Work with responsible teams to develop mitigation plans and ensure vulnerabilities are addressed and re mediated effectively and efficiently.
- Provide security consulting and technical assistance with the evaluation, selection, initial set-up and secure deployment of new IT systems.
- Follow up with compliance tasks related to policies, standards and procedures.
- Coordinate communication with various stakeholders and provide general support on risk & security related issues.
Your Experience and Skills :
- Minimum 3 years of experience in Information Security experience
- A Bachelors??? degree in Computer Science, MIS, business or equivalent experience is required.
- Security Certification (e.g. CISSP) a plus
- .NET programming, Powershell or Java scripting a major plus
- Strong technical knowledge of information security principles, including risk assessment and management, Cyber security defences, application security, operating system hardening, threat and vulnerability management, encryption,?? and identity and access management
- Knowledge of Directory Services (LDAP, AD) and Internet/Intranet architecture and design
- Ability to weigh business risks and enforce appropriate information security measures
- Excellent documentation and presentation skills; ability to explain information security concepts to audiences outside of the field
- Proven ability to examine, improve and execute the organization’s existing security risk assessment processes and procedures
- Excellent written and verbal communication skills.
- SharePoint and advanced excel skills a plus
- Excellent planning and organizational skills.