Role & Responsibilities
- Develop, execute, and track the performance of security measures to protect information and network infrastructure and computer systems
- Identify, define, and document system security requirements and recommend solutions to management
- Configure, troubleshoot, and maintain security infrastructure software and hardware
- Install software that monitors systems and networks for security breaches and intrusions
- Monitor systems for irregular behavior and set up preventive measures. Engineer, implement and monitor security measures for the protection of computer systems, networks, and information
- Plan, develop, implement, and update company’s information security strategy
- Educate and train staff on information system security best practices
- Manage Cyber Security Questionnaire handed out by clients
- Manage and maintain all IT security related documentation
- Prepare and document standard operating procedures and protocols based on guidelines from IT security frameworks like HIPAA, GDPR, HITRUST, ISO 27001, etc.
- Must have knowledge and experience of basic exploits and tools like tcpdump, Wireshark, Metasploit, Burp Suite, API, and Mobile App testing etc.
- Understanding of Reverse Engineering, Proxies, VPNs.
- Strong knowledge of Windows, Linux, and Mac Operating systems.
- Strong understanding of conducting various attacks such as XSS, CSRF, Injection attacks, Escalation of Privilege, Directory Traversal attack, DDoS, Slow packet injection, etc. and the knowledge of mitigating them.
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Ensure that the company knows as much as possible, as quickly as possible about security incidents
- Author comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement
Requirements ( Education & Experience )
- 4 - 7 years of proven work experience in Cyber Security projects
- Strong interest in the field of Cyber Security, Security Risk on Business, Networks, and Operating Systems
- Up to date knowledge of major new vulnerabilities and the ability to evaluate risk to the business
- Coordinating with the diverse teams to help in implementation of compliance requirements (HIPAA, HITRUST, GDPR, COBIT, ISO 27001, PCI-DSS, RBI, NIST etc.)
- Preferably CISA, CISSP, OSCP, or other technical certifications like CCNP Security, GIAC, and Microsoft Systems Developer training
BS/MS degree in Computer Science, Engineering, or a related subject
Preferred
- Considerable Experience working with diverse clientele, bonus points to experience with healthcare clients
- Hands-on knowledge in implementing Cyber security frameworks and securing certifications for organizations