Cyber security specialists assess, plan, and enact security measures to help protect an organisation from security breaches and attacks on its computer networks and systems. This job involves simulating attacks to identify vulnerabilities, testing new software to help protect the company’s data, and helping users adhere to new regulations and processes to ensure the network stays safe.
Experience: 2 to 5 years
Candidate should have a key understanding of technology, IT, and governance aspects from a Cyber Security perspective
Candidate should have an understanding on performing gap assessment on organisations Cyber security landscape primarily to prevent them from cyber security threats
Candidate should have exposure to design, development, implementation and maintenance of information security framework aligned to framework like ISO 27001:2013
Candidate should have managed end-to-end Information security, and cyber security for its organisations.
Experience in performing the risk assessment from Cyber Security, Business Continuity, and Privacy perspective.
Experience in Data Privacy including design/ development and review of privacy framework aligned with GDPR requirements and GAPP framework.
Experience in design/ assessment/ review of information security and privacy framework aligned to IT Act requirements.
Cyber Incident Response.
Regulatory compliance assistance in Cyber for some of the key sectors including Telecom, and the Health Industry.
Development and documentation of information security / cyber security policies and procedures.
Exposure to international standards like NIST, CIS 20, ISO27001, ISO 22301, ISO 20000, PCI-DSS, and certifications like CISM, and CISSP are added advantages.
Aligned organisation strategy to cyber strategy.
Developing cyber strategy roadmap, helping in the implementation.
Performing maturity assessment for cyber setup.
Recommending a roadmap for strengthening the organisation's cyber security posture.
Ability to perform an independent assessment for third parties and provide recommendations to clients in order to minimize cyber security risks
Strengthening of organisations business continuity posture.
Candidate should have experience in working in teams and managing internal and external stakeholders.
Client Relationship Building and Management:
Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence, and a positive client work environment.
Leads the client lifecycle from initial contact through delivery.
Manages client expectations and client satisfaction. Acts as an advisor and partner to the client.
Works with the client to minimize delivery disruptions and effectively manages client urgencies.
Cloud Security :
Enable developers to find and fix security-related code defects.
Ability to provide remediation coaching and guidance on security-related code defects.
Govern the use of open source components.
Understanding the basics of software development.
Manage and report on application security policy, KPIs, and metrics.
The ability to measure meaningful metrics at each point in the SDLC process.
Understand the requirements for security testing solutions in a DevOps & DevSecOps environment — including the need for immediacy and accuracy of results to avoid impacting the delivery cycle — and enable dev to use these solutions Basic understanding of developer role and tools, and the operation of a modern software delivery pipeline/factory.
Create developer security champions.
Bachelor’s degree in Computer Science or related field.
Experience managing Information Security program, Cloud Security.
CISM®, CISSP or other recognized Security Certification is an added advantage.
In-depth knowledge of architecture, engineering, and operations of at least one enterprise SIEM platform, experience in establishing and running SOC.
Knowledge of internationally recognized standards, frameworks, and best practices related to information security governance and strategy development.
Knowledge of methods to implement and communicate information security policies, standards, procedures, and guidelines.
Knowledge of reputable, reliable, and timely sources of information regarding emerging information security threats and vulnerabilities.
Knowledge of control baseline modelling and its relationship to risk-based assessments.
Knowledge of applicable practices and laws relating to data privacy and protection.
Should have 8 to 10 years of experience managing and supporting complex global environments.
Passionate, Self-motivated, and driven, with keen attention to detail, action-and-results oriented.
Excellent interpersonal, verbal, and written communication skills as well as strong logical, analytical, problem-solving skills and reporting skills.
Able to prioritize and execute tasks in a high-pressure environment.
We believe a happy employee is a productive employee. As a company catering to the healthcare industry, we are making an impact in the world of health and wellbeing by creating products and services that genuinely meet the needs of end-users. All our products and services are evidence-driven. We test, we learn, and we deliver high-quality products.
Our team consists of people from all walks of life including designers, developers, testers, DevOps engineers, project managers and researchers who are passionate about learning and delivering. We work closely with clinicians and other third parties to ensure we are utilising the best brains in the business across many sectors.
We are always employee-first. Once you are part of our team, you reap the best benefits from the best package to Diwali bonus, Annual performance bonus, Medical Insurance and Life insurance- for you and your family, etc.
If you want to be a part of our small but growing team and work in a fun environment, we would love to hear from you.
To apply, please send us:
CV - showing your key skills, interests and personality
Short cover letter - why is working at Mediwave Digital right for you?
Applications should be sent to email@example.com