Threat Monitoring and Analysis: Continuously monitor networks and systems for security breaches or vulnerabilities and investigate and respond to potential threats.
Security Policy Development: Develop, implement, and enforce security policies, procedures, and protocols to protect sensitive data and ensure regulatory compliance.
Risk Assessment and Vulnerability Management: Proficient in conducting regular risk assessments, vulnerability scans, and penetration tests, and collaborating with IT teams to implement remediation strategies for enhanced cybersecurity posture
Audit: Review all changes of systems, make sure all changes are recorded (including quality and process verification are meeting standards)
Incident Response: Lead incident response efforts, including containment, eradication, and recovery from security breaches, and document lessons learned.
Identity and Access Management: Manage and monitor access controls, permissions, and multi-factor authentication systems to ensure appropriate user access.
Using data loss prevention technologies/strategies to protect sensitive data and develop and implement extensive security plans, policies and procedures to protect personnel, assets and information.
2. Troubleshooting and Support
Provide technical support for end-users and troubleshoot issues related to security issues.
Employee Training and Awareness: Conduct training and awareness programs to educate staff on security best practices, phishing threats, and safe online behavior.
Collaboration: Work closely with IT and development teams to design secure infrastructure and recommend security improvements.
Incident Response & Documentation: Leading incident response efforts, including root cause analysis and post-incident reporting, to ensure lessons learned are integrated into future security planning.
Yêu Cầu Công Việc
Education & Major: Information Technology, Computer Science, or a related field. Industry certifications preferred
License & Certificate: Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) is a plus.
English level: Good
Strong knowledge of SIEM, firewalls, VPNs, IDS/IPS, data loss prevention (DLP) technologies multi-factor authentication (MFA), and vulnerability scanning tools (e.g., Nessus, Qualys).
Proficiency with security protocols, encryption, and cryptography.
Familiarity with compliance standards (e.g., GDPR, HIPAA, PCI-DSS).
Experience with vulnerability scanning and penetration testing tools.
Ability to conduct root cause analysis for security incidents.