Experience:7-10 years of experience in security and privacy roles.
Monitor, investigate, and respond to security incidents using DLP, EDR, and MDR solutions.
- Conduct Vulnerability Assessment and Penetration Testing (VAPT) to identify and mitigate risks.
- Implement and manage Data Loss Prevention (DLP) strategies to safeguard sensitive information.
- Ensure compliance with ISO 27001/27002 controls and support audit requirements.
- Analyze security events, perform root cause analysis, and recommend remediation measures.
- Collaborate with internal stakeholders to enhance the overall security posture
- Partner with internal departments, such as IT, Compliance, and Risk Management, to identify security gaps, implement best practices, and enhance overall cybersecurity measures.
- Conduct regular assessments of the organization's systems, networks, and processes to identify and mitigate potential security and privacy risks.
- Develop and enforce security and privacy policies, ensuring alignment with industry standards and regulatory requirements.
- Lead and participate in incident response activities, including investigation, analysis, and resolution of security incidents.
- Develop and deliver security awareness training programs to educate employees on security best practices and privacy guidelines.
- Implement and manage vulnerability assessment programs to identify and remediate security vulnerabilities in a timely manner.
- Ensure the protection of sensitive data through encryption, access controls, and other relevant measures.
- Work closely with cross-functional teams to integrate security and privacy considerations into the development lifecycle of applications and systems.
- Stay current with relevant security and privacy regulations, ensuring the organization's compliance with applicable laws.
Work Experience & Educational/Professional Certifications
- 7-10 Years of experience in cybersecurity.
- Proficiency in EDR, MDR, VAPT, and ISO 27001/27002.
- Strong analytical and problem-solving skills.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- Industry-recognized certifications such as ISO 27001 LA,/LI, CEH, Security+ are a plus.
- Strong knowledge of security frameworks, standards, and best practices.
- Experience with risk management, policy and process documentation, and security assessments.
- Excellent communication skills and the ability to collaborate with diverse teams.
