IT & Cyber Risk Manager

Job Responsibilities:

• Monitor and maintain the internet, email and web security for entire organization.
• Track, monitor, analyze and resolve any vulnerability or security issue.
• Monitor on new CVE and ensure affected systems are being patched accordingly.
• Respond and resolve any vulnerability or security incident that may arise.
• Act as the point of contact on any security incidents to respond, isolate, remediate, or resolve the incident quickly.
• Ensure periodic testing of the organizations network and systems to determine security violations and inefficiencies.
• Stay up-to-date on the latest cyber threats and to adapt CIS Benchmarks to proactively safeguard any new emerging security risks.
• Manage user accounts and access controls.
• Develop, implement and maintain the IT and Cyber security frameworks, procedures and policies.
• Safeguard all network elements including but not limited to computer networks, local area networks (LANs), wide area networks (WANs), internet connections, intranet, VPNs, VLANs, VoIP and other data communication systems.
• Monitor network performance, identify bottlenecks, and troubleshoot network issues.
• Create user awareness with continuous education on Cybersecurity.

Key Skill Requirements:

• Proficiency in conducting regular vulnerability assessments of the systems to prevent any security incident.
• Awareness of the latest methods used by hackers and malicious elements to break into systems.
• Competency to use the available tools to discover any dubious movement in the network and system.
• Soft skills including effective verbal communication and advanced written with all levels in the company.
• Knowledge of cyber laws and compliance requirements as per the law of the land.
• Ability to conduct an in-depth analysis of computer networks and identify any vulnerabilities in the system. Attention to detail is a fundamental personality trait for this position and able to meet deadlines with minimal supervision.

Qualification and Experiences requirement:

• Bachelors degree in Information Technology (IT), Information Security (IS) or equivalent education with work related experience.
• Minimum 5-8 years of prior relevant experience.
• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., Full-Packet Capture FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning and monitoring solutions.
• Experience on Office365 and other Cloud Security (e.g., GCP, AWS, Azure).
• Understanding of mobile technology and OS (e.g., Android, Huawei, iOS, Windows), VMware technology is a plus.