Job Description
DescriptionINTECH Process Automation is looking for an energized and capable professional for the role of a Lead Cybersecurity Engineer
About Us:
INTECH Process Automation has been helping businesses transform for the future through next-generation Automation and Digital technologies for the past 30 years and counting. We are a globally renowned engineering company specializing in automation, electrical, energy transition, and digitalization solutions. Our application-specific solutions diversified and technically backed portfolio and expertise in equipment from major OEMs and system vendors are what differentiate us.
His/her general responsibilities shall include but not limited to the following:
Assurance
- Conduct security audits and prepare to report.
- Have expertise in monitoring and compliance of different tools (OPM, ADAudit), processes (security control processes, controls (corrective and preventive), software (licensing and compline), network traffic (NetFlow, Wireshark), etc.
- Implement risk management frameworks (i.e. ISO-27001, NIST) which include conduct risk assessment, perform gap analysis and propose and implement risk mitigation plans.
- Conduct penetration testing using OWSAP, Burp Suit, NMAP, Nessus, and Kali Linux.
- Conduct vulnerability assessment.
- Implement email security controls e.g. SPF, DKIM, DMARC.
- Analyze cybersecurity laws issued by regulatory authorities and implement accordingly.
- Implement incident response framework (preferably NIST, MITRE) including forensic analysis, RCA, prepare the report and recommend action items/lesson learned.
RnD and Implementation
- Conduct RnDs in different IT areas e.g. new and emerging technologies, security controls, new threats, areas of improvements, security controls, security frameworks, optimization of IT resources, monitoring tools.
- Implement ISMS i.e. ISO 27001 Security Controls at INTECH global offices.
- Write and implement policies in accordance with ISO 27001, NIST, regulatory and corporate laws.
- Get the DRPs implemented for all major and critical IT and security areas.
Training and Awareness
- Conduct security awareness training to INTECH worldwide resources on regular basis.
- Enhance security awareness by sharing material with resources like flyers, posters, screen savers for new features/security controls.
- Conduct security surveys to get feedback and focus on week highlighted areas.
Documentation & Reporting
- Keep INTECH IT and security documentation updated.
- Prepare regular and ad-hoc reporting e.g. Hardware health, internet traffic flows, antivirus, network equipment, and devices, and share with concern management on a defined frequency.
- Share DRP testing results on a regular frequency.
- Prepare security monitoring and compliance dashboard using Power BI.
RequirementsSkills
- Hands-on working on Microsoft, Systems, Networks Technologies.
- Knowledge of cybercrime laws/requirements for each country.
- Ability to analyze and evaluate INTECH security policies, procedures and identify their strengths and weaknesses.
- Hands-on knowledge of the information security risk assessment process.
- Knowledge of conducting audits, preparing audit reports, presentations to management.
- Excellent documentation (writing policies etc) skills.
- Knowledge of network and applications attacks and prevention techniques.
- Knowledge of NIST, MITRE, ISO-27001, OWASP, CVSS, OSINT, GDPR, autopsy, Power BI
Education:
- Preferably candidate must have BCS/BS Computer Science degree from a reputable university.
- ISO 27001 Lead Implementer and Auditor Certifications (preferable).
- CISA / CISSP Certifications (preferrable)
- CEH / Penetration Testing Certification (preferable)
- CCNP R&S / Security
Experience:
- Minimum 3-4 years of work experience in the security field.
- Excellent written and verbal communication skills
Job Location:
Job Details
- Job Location
- Pakistan
- Company Industry
- Other Business Support Services
- Company Type
- Unspecified
- Employment Type
- Unspecified
- Monthly Salary Range
- Unspecified
- Number of Vacancies
- Unspecified