Skills:

• Knowledge of Windows, UNIX, and Linux kernel programming.
• Understanding of ISO 27001/27002, ITIL, and COBIT frameworks.
• A grasp of perimeter security controls such as firewalls, IDS/IPS, network access controls, and network segmentation.
• Network security architecture development and definition.
• Experience with the various aspects of wireless security such as routers, switches, and VLAN security.
• Knowledge of security concepts related to DNS, including routing, authentication, VPN, proxy services, and DDOS mitigation technology.
• An understanding of third party auditing and cloud risk assessment methodology.
• Extensive experience in information security and/or IT risk management with a focus on security, performance and reliability.
• Solid understanding of security protocols, cryptography, authentication, authorisation and security.
• Good working knowledge of current IT risks and experience implementing security solutions.
• Experience implementing multi-factor authentication, single sign-on, identity management or related technologies.
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
• Solid understanding of Fintech and Healthcare domain will be added advantage.
• IT Security or risk management certifications will add weight to the profile.
• Excellent written and verbal communication skills as well as business acumen and a commercial outlook

Roles and Responsibilities:

• Gaining a total understanding of the organization’s technology and information systems.
• Planning, researching, and designing reliable, powerful, and flexible security architectures for all IT projects.
• Performing vulnerability testing on the completed infrastructure, including risk analyses and security assessments.
• Researching the latest security standards, new security systems, and updated authentication protocols.
• Defining, creating, implementing, and maintaining all needed corporate security policies and procedures, making sure that all employees abide by them.
• Developing requirements for all IT assets including routers, firewalls, local area networks (LANs), wide-area networks (WANs), virtual private networks (VPNs), and any other related network devices.
• Reviewing and approving the installation of all firewalls, VPN, routers, servers, and IDS scanning technologies.
• Preparing cost estimates for all cybersecurity measures and identifying any potential integration issues.
• Designing critical public infrastructures (PKIs), including digital signatures and certification authorities (CA).
• Testing the organization’s final security structures to make sure they function as planned
• Providing technical guidance and supervision for security teams
• Taking charge of any security awareness programs and educational efforts to better prepare non-IT personnel
• Responding immediately to any security-related incidents (e.g., data breaches, viruses, phishing scams) and providing a complete post-event analysis once there is a resolution.
• Updating and upgrading the organization’s security systems as needed

Other good to have Skills:

• Programming Languages: C, C++, JavaScript, Ruby/Python, SQL, Bash scripting, Powershell Scripting
• DevOps Tools: SonarQube, GitLab, Docker, Kubernetes, Fortify, Veracode, OpenVAS, Contrast Security, Aqua
• Security Assessment Tools: Aircrack-ng, Burp Suite, SQLmap
• Security Frameworks: NIST, SOX, HIPPA
• Operating systems: Linux, Unix, Windows, MacOS