Schedule and execute recurring IT controls for all enterprise systems.
Help to manage all remediations related to IT security controls execution.
Help document and refine policies and procedures within our information security management system.
Coordinate 3rd party security audits.
Coordinate 3rd party pen testing services.
Participate in the development of policies and procedures required for ISO-27001 certification and other security frameworks.
Help with the roll out of new security tools and processes.
Create and manage security awareness training campaigns.
Create and manage phishing simulation campaigns.
Create and manage information security pages on the company Intranet.
Participate in risk assessments in accordance with ISO-27001 requirements and participate in the development of risk treatment plans by working with asset owners.
Provide support for investigating security incidents, e.g., phishing attacks.
Help to operate our security operations center (SOC).
Job Requirements:
Bachelor s degree in information security, computer science, engineering, or related technical field with 1-3 years of relevant experience.
Possess one or more information security certifications such as CISSP, CISA, GIAC, CompTIA Security+, CCSP, AWS certification.
Experience monitoring IaaS, PaaS and SaaS environments for security events.
Experience using scripting/automating tools such as PowerShell, Python, and operating Active Directory and enterprise authentication and authorization mechanisms.
Experience with AWS security architecture and Cloud Access Security Brokers (CASB) highly preferred.
Excellent communication, presentation, and documentation skills.