AgileEngine is looking for an Information Security Specialist to become a member of the Information Security Team, who will be responsible for developing and implementing information security policies, analyzing and addressing the security of network infrastructure, servers, services and data, establishing security processes and improving the overall security posture of the company.
What you will do
● Maintain AgileEngine’s Information Security Framework and underlying policies, procedures and guidelines
● Design and implement controls to ensure that security requirements are met
● Develop and integrate security solutions and technologies
● Implement security best practices, hardening guidelines and protection profiles
● Perform on-going security monitoring of information systems including assessing information security risk through risk analysis
● Conduct gap analysis and vulnerability assessments on a regular basis and consult in mitigating vulnerabilities
● Manage and configure various security tools (SIEM, SOAR, HIDS/NIDS, WAF, etc.)
● Response to security incidents and vulnerability management processes
● Evaluate and recommend new information security technologies and counter-measures against threats to information and systems
● Conduct periodic internal information security audits
● Help to create effective staff training programs to increase security awareness across AgileEngine
Our team is missing someone who has
● Upper-Intermediate spoken and written English
● Knowledge of information security principles, practices, and methodologies
● Knowledge of one of the following standards: ISO 2700x, NIST CSF, PCI DSS, BSI
● Knowledge of network architectures and principles of secure network design
● Knowledge of troubleshooting principles and practices applicable to areas of responsibility
● Practical experience in writing of security policies/procedures
● Practical experience in incident response process
● Practical experience in operating system hardening and secure configuration
● Hands-on experience with vulnerability assessment tools
● Hands-on experience with SIEM and monitoring tools
● Ability to compose clear, complete and concise reports using correct grammar, syntax, punctuation, and spelling
● Ability to analyze complex systems, identify problems and develop logical conclusions and effective solutions