Job Description

• Should have Cybersecurity Audit experience , PCI DSS/ISO27k/SOC1/SOC2 or any other cybersecurity framework.
• Should have conducted cybersecurity risk assessment.
• Should be into security control architect.
• Must have implemented security controls projects.

• Conduct monthly, quarterly, semi-annual, and annual application, infrastructure, microservices, API and cloud security assessments.
• 3+ years’ experience in ERM, BIA, DR and BCP.
• 3+ years’ experience with vulnerability management, SIEM and Log Management, Antivirus/Anti- Malware, proxy servers, DLP, IPS/IDS, VPN, PKI, Multi-factor authentication, cryptography.
• Detailed understanding of common exploits and their defense (EOP, DoS/DDoS, Spoofing, Phishing, Rootkits, RATs, key logging, Zero Day, SQL Injection, XSS, CSRF).
• Excellent in security incident response and to countermeasure atacks.
• Knowledge in common operating system and architecture, Windows, Linux, MS SQL, MySQL, Oracle, networking, etc.
• Research, perform gap analysis, implement, and maintain security controls excellence across existing and new applications, mobile apps, microservices, infrastructure and network.
• Audit/assess security controls to satisfy PCI DSS.
• Define application security policies, procedures, and provide application security architecture best practices.
• Facilitate cyber security training based on the department, role, responsibility, and data access.
• Manage technical, operational, and administrative projects across the Enterprise.