ROLE OVERVIEW : Synthesis focuses on keys requirements and field of WASO activities development
Roles and Responsibilities :
- To take full responsibility for cybersecurity project life-cycle starting with the scoping/assess phase
- To manage a diverse group of stakeholders (technical & Business), including business owners, across different geographical regions
- To work directly with end-users in resolving project issues and ensuring the project meets the business partners' needs
- To manage risks, project change requests, and protection of system, networks, software, data and information systems against any potential attacks
- To report project status accurately following established cadence and escalate project issues promptly as they arise
- To perform the research and adopt latest technology on cybersecurity criteria, security systems, and validation procedures
- To investigate and provide security solutions using business standard analysis criteria
- To plan and design healthy security architectures for any cybersecurity project
- To manage vulnerability testing, penetration test, WAF protection, threat analyses, security checks, etc.,
- To deliver technical reports and official papers relating to test findings
- To formalize risk assessments, indicators, dashboard in accordance with security policies
- To give guidance to security teams
- To perform cybersecurity awareness and training.
Desired Candidate Profile :
- Experience of working in the industry sectors would be an advantage
- Experience of integration of security into projects is a must.
- Experience of conducting security risk assessments, security quality assurance would be beneficial.
- Experience of working as part of a team and in actively contributing to overall team deliverables
- Ability to work with dispersed and global teams and locations is essential.
- A strong communicator with the ability to influence people, principally business.
- Proficiency in a wide range of information security technologies including Risk Management, Threat Intelligence, Identity and Access Management, Security Assessment, Security Testing, Incident Management, Cloud Security, etc.
- Understanding and application of cyber security frameworks e.g. NIST, ISO-27001 and Information Security Management System ISMS -, GDPR, PCI DSS would be beneficial
- Understanding of Agile and DevSecOps methodologies including security of the CI/CD pipeline
- Understanding of Cloud DevSecOps concepts
- Understanding of AppSec frameworks (OWASP Guide, SANS CWE Top 25, CERT Secure Coding)
- Good working knowledge of Office 365 (MS Excel, MS Powerpoint, MS Project)
- Excellent verbal and written communication skills
- Relevant professional qualification would be advantageous if combined with practical experience
No comments:
Post a Comment