DescriptionINTECH Process Automation is looking for an energized and capable professional for the role of a Lead Cybersecurity EngineerAbout Us:INTECH Process Automation has been helping businesses transform for the future through next-generation Automation and Digital technologies for the past 30 years and counting. We are a globally renowned engineering company specializing in automation, electrical, energy transition, and digitalization solutions.Our application-specific solutions diversified and technically backed portfolio and expertise in equipment from major OEMs and system vendors are what differentiate us.His/hergeneral responsibilities shall include but not limited to the following:AssuranceConduct security audits and prepare to report.Have expertise in monitoring and compliance of different tools (OPM, ADAudit), processes (security control processes, controls (corrective and preventive), software (licensing and compline), network traffic (NetFlow, Wireshark), etc.Implement risk management frameworks (i.e. ISO-27001, NIST) which include conduct risk assessment, perform gap analysis and propose and implement risk mitigation plans.Conduct penetration testing using OWSAP, Burp Suit, NMAP, Nessus, and Kali Linux.Conduct vulnerability assessment.Implement email security controls e.g. SPF, DKIM, DMARC.Analyze cybersecurity laws issued by regulatory authorities and implement accordingly.Implement incident response framework (preferably NIST, MITRE) including forensic analysis, RCA, prepare the report and recommend action items/lesson learned.RnD and ImplementationConduct RnDs in different IT areas e.g. new and emerging technologies, security controls, new threats, areas of improvements, security controls, security frameworks, optimization of IT resources, monitoring tools.Implement ISMS i.e. ISO 27001 Security Controls at INTECH global offices.Write and implement policies in accordance with ISO 27001, NIST, regulatory and corporate laws.Get the DRPs implemented for all major and critical IT and security areas.Training and AwarenessConduct security awareness training to INTECH worldwide resources on regular basis.Enhance security awareness by sharing material with resources like flyers, posters, screen savers for new features/security controls.Conduct security surveys to get feedback and focus on week highlighted areas.Documentation & ReportingKeep INTECH IT and security documentation updated.Prepare regular and ad-hoc reporting e.g. Hardware health, internet traffic flows, antivirus, network equipment, and devices, and share with concern management on a defined frequency.Share DRP testing results on a regular frequency.Prepare security monitoring and compliance dashboard using Power BI.RequirementsSkillsHands-on working on Microsoft, Systems, Networks Technologies.Knowledge of cybercrime laws/requirements for each country.Ability to analyze and evaluate INTECH security policies, procedures and identify their strengths and weaknesses.Hands-on knowledge of the information security risk assessment process.Knowledge of conducting audits, preparing audit reports, presentations to management.Excellent documentation (writing policies etc) skills.Knowledge of network and applications attacks and prevention techniques.Knowledge of NIST, MITRE, ISO-27001, OWASP, CVSS, OSINT, GDPR, autopsy, Power BIEducation:Preferably candidate must have BCS/BS Computer Science degree from a reputable university.ISO 27001 Lead Implementer and Auditor Certifications (preferable).CISA / CISSP Certifications (must)CEH / Penetration Testing Certification (preferable)CCNP R&S / SecurityExperience:Minimum 3-4 years of work experience in the security field.Excellent written and verbal communication skillsJob Location: Lahore, Pakistan
#J-18808-Ljbffr