We are seeking a knowledgeable and versatile Information Security Generalist to join our clients dynamic Information Security team. The ideal candidate will possess a broad understanding of information security principles, practices, and technologies.
Key Responsibilities:
Security Monitoring and Incident Response:
- Monitor and analyze security alerts from various sources (SIEM, IDS/IPS, firewalls).
- Investigate and respond to security incidents, performing root cause analysis and remediation.
- Develop and maintain incident response plans and procedures.
Risk Assessment and Management:
- Conduct security risk assessments and vulnerability assessments.
- Identify, prioritize, and track remediation efforts for vulnerabilities and security risks.
- Develop and implement risk mitigation strategies.
Compliance and Governance:
- Ensure compliance with relevant security standards and regulations (e.g., ISO 27001, GDPR, HIPAA).
- Assist in the development and maintenance of security policies, procedures, and guidelines.
- Participate in internal and external security audits.
Security Architecture and Engineering:
Assist in the design and implementation of secure network, system, and application architectures.
Review and recommend security controls and technologies to protect company assets.
Conduct security assessments of third-party vendors and service providers.
Continuous Improvement:
Stay up-to-date with the latest security trends, threats, and technologies.
Participate in continuous improvement initiatives to enhance the organization's security posture.
Collaborate with cross-functional teams to integrate security best practices into business processes.
Qualifications:
Experience:
- 3+ years of experience in information security or related roles.
- A degree in Information Security, Computer Science, or related field will be a plus but not essential
Preferred Certifications:
- Certified Information Systems Security Professional (CISSP)
- Certified Information Security Manager (CISM)
- Certified Ethical Hacker (CEH)
- CompTIA Security+