Develop, execute, and track the performance of security measures to protect information and network infrastructure and computer systems
Identify, define, and document system security requirements and recommend solutions to management
Configure, troubleshoot, and maintain security infrastructure software and hardware
Install software that monitors systems and networks for security breaches and intrusions
Monitor systems for irregular behavior and set up preventive measures. Engineer, implement and monitor security measures for the protection of computer systems, networks, and information
Plan, develop, implement, and update company’s information security strategy
Educate and train staff on information system security best practices
Manage Cyber Security Questionnaire handed out by clients
Manage and maintain all IT security related documentation
Prepare and document standard operating procedures and protocols based on guidelines from IT security frameworks like HIPAA, GDPR, HITRUST, ISO 27001, etc.
Must have knowledge and experience of basic exploits and tools like tcpdump, Wireshark, Metasploit, Burp Suite, API, and Mobile App testing etc.
Understanding of Reverse Engineering, Proxies, VPNs.
Strong knowledge of Windows, Linux, and Mac Operating systems.
Strong understanding of conducting various attacks such as XSS, CSRF, Injection attacks, Escalation of Privilege, Directory Traversal attack, DDoS, Slow packet injection, etc. and the knowledge of mitigating them.
Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
Ensure that the company knows as much as possible, as quickly as possible about security incidents
Author comprehensive reports including assessmentbased findings, outcomes, and propositions for further system security enhancement
Requirements ( Education & Experience )
4 7 years of proven work experience in Cyber Security projects
Strong interest in the field of Cyber Security, Security Risk on Business, Networks, and Operating Systems
Up to date knowledge of major new vulnerabilities and the ability to evaluate risk to the business
Coordinating with the diverse teams to help in implementation of compliance requirements (HIPAA, HITRUST, GDPR, COBIT, ISO 27001, PCIDSS, RBI, NIST etc.)
Preferably CISA, CISSP, OSCP, or other technical certifications like CCNP Security, GIAC, and Microsoft Systems Developer training
BSMS degree in Computer Science, Engineering, or a related subject
Preferred
Considerable Experience working with diverse clientele, bonus points to experience with healthcare clients
Handson knowledge in implementing Cyber security frameworks and securing certifications for organizations
