— Good knowledge of SIEM systems, Antivirus Enterprise solutions, DLP systems, Vulnerability scanners, Web Application Firewall, IPS/IDS.
— Hands-on experience with web application security (good understanding of OWASP Top 10).
— Forensic tools, experience in cybercrime investigation
— Extensive knowledge of web technologies and concepts from the security perspective
— Operation Systems administration, Network architecture, Applications administration.
— Knowledge of threat modeling or other risk identification techniques, system security vulnerabilities and remediation techniques.
— Good communication skills with engineers and senior management, both orally and written
— Strong investigative and analytics problem solving skills
— English level — Upper-Intermediate and above
— Information security incident handling.
— Creation and monitoring of corrective and preventive actions.
— Performing of forensic investigation.
— Performing of penetration testing.
— Analysis and confirmation of information access provision.
— Managing of corporate antivirus service.
— Monitoring of corporate environment using SIEM, DLP, IDS/IPS systems.
— dentifying of vulnerabilities and breaches in corporate systems, applications and services.
— Collaboration with various team members and departments on continuous revision of network, operations, applications and application security practices.
— Developing and implementation of security policies, standards, procedures and guidelines.
— Work as a team member performing any and all functions necessary for the successful operation of the company as determined by the InfoSec Manager.
— Maintein PCI DSS related procedures
— Setup network, storage and security environments, leveraging an infrastructure as code approach.
— Assure cloud solutions and frameworks are built with consideration toward PCI compliance requirements.