Information Security Engineer
i2c
- Lahore, Punjab
- Permanent
- Full-time
- Work closely on security aspects of multiple technologies and methodologies as it relates to operating systems, databases, access controls, patch management, encryption, anti-virus, and vulnerability assessments etc. to assist the engineering and compliance team with effective research, data gathering, analysis, metrics, reporting and communications.
- Identify security prospects of multiple solutions that help keep the organization safe from threats.
- Provide direction to infrastructure, operations, data, and network teams throughout the implementation of security aspects in production, and beyond.
- Maintain knowledge of engineering next-gen designs, security trends, threats, and attack techniques.
- Translate threat intelligence into actionable security with available tools.
- Design and review the architecture for Systems, Networks, DB etc.
- Conduct Kaizen/continuous improvement events with Technology teams and follow up/assist with implementation.
- Help teams with readiness for external assessments against industry standards and review programs/documentation for conformance.
- Evaluate and recommend new information security technologies and practices along with improvement in current infrastructure.
- Suggest processes for adherence to information regulatory compliance globally.
- Review Information Security Program including Policies, Standards, Guideline and Procedures.
- Review Audit Logs, Risk Assessments, Vulnerability Assessments and do Gap Analysis.
- Make recommendations for improving Information Security Incident Management and participate in Root Cause Analysis.
- Build and maintain effective relationships with management, peers, project managers, and internal customers.
- Education: BS Computer Sciences
- Experience: Fresh to 2 Years
- Preferable CISA certified
- Information Security (Confidentiality, Integrity and Availability, Physical and Logical Security)
- Networks (Firewall, Routers, Switches and Network Diagram)
- Cryptography (Encryption, Decryptions Hashing algorithms, Key Management)
- Incident Management
- Interest in Compliance & Regulations.
- Audit Command Language/GRC Platform
- CIS-CAT Tool
- MS (Visio, Powerpoint, Excel, etc.)