✔ Creating/maintaining an ISO27001 ISMS or PCI compliance project and operation.
✔ Performing Business Impact Analysis, risk assessment and treatment.
✔ Operating, maintaining, auditing and improving Vulnerability Management, SIEM and Threat Intelligence systems.
✔ Perform response analytics during and after an incident, determine root cause and proper mitigation of cyber security events.
✔ To remain up to date with the latest threats and vulnerabilities to ensure operational tools and processes are up to date, introduce process improvements and ensure incident response plans are up to date and effectively tested.
✔ Ensure that customer information and information systems are protected from unauthorised access / intrusion, use, disclosure, disruption, modification or destruction.
✔ Perform periodic internal audits against policies and procedures to ensure conformance.
✔ Participate and assist in external audit activities.
✔ Perform periodic audit, review and contribute to the continuous improvement of IT security standards, processes and procedures.
✔ Knowledge of various technologies and operating systems and their related security configuration, hardening and risks, ie Linux/Unix, Mac OS, Containers, Office 365, etc.
✔ Deliver Information Security and awareness training programs.
✔ Ability to prepare policies around data (GDPR), access controls and also implement these policies.