Main Duties and Responsibilities:
- Takes on the responsibility for establishing, upkeeping, and managing access to the IT security infrastructure, along with offering technical guidance to users. Ensures consistent and standard operations of the systems, aligning with both local and international norms and practices. Guarantees that the designated systems are available, with swift and thorough restoration in case of any issues.
- Supports the IT Project Manager in formulating a comprehensive project strategy that encompasses security measures, identifies potential project hazards, and effectively addresses them as they arise.
- Aids the project manager in crafting and evaluating Security requirements, conducting Security architecture assessments, establishing Security Baselines, delineating Access Control Procedures, and validating access permissions for both new and existing systems.
- Conceives and engineers security architecture for both cloud and hybrid cloud environments, ensuring that they align with business needs while maintaining minimal risk and robust security safeguards.
- Executes modifications, such as upgrades, enhancements, and configuration changes, to both production and test environments within the IT Security domain, adhering to established change management protocols.
- Administers Firewalls, Cloud Web Proxies, Cloud Email Gateways, and Azure Cloud services, ensuring access is granted based on requests and validating that all firewalls adhere to security best practices.
- Contributes to the planning and monitoring of utilization and capacity for existing and proposed security systems, taking part in relevant tasks and selecting suitable tools and methodologies to generate precise data for measurement, estimation, planning, and optimization of capacity.
- Ensures the swift and effective resolution of IT security incidents, providing both primary and secondary support to resolve issues through root cause analysis, temporary solutions, or permanent fixes. Maintains communication with vendors to guarantee timely and comprehensive resolution of reported incidents.
- Evaluates Access Requests for new permissions and administers logical access controls across various platforms, ensuring uninterrupted and secure access to IT resources.
- Strives to enhance and optimize processes to bolster primary and secondary support capabilities within the IT Security environment.
- Conducts investigations into IT security violations and incidents, aiming to refine practices and procedures, and mitigate the likelihood and severity of future security-related issues.
- Plays an active role in the business continuity technical IT team during crisis situations, aiding in the recovery and management of the IT Security framework. Participates in the review of deliverables from implementation and maintenance activities, and advocates for any necessary modifications to IT recovery plans.
Skills
Education
- B. Sc. in Computer Science, Engineering or equivalent
- Certifications in Firewalls and other IT security systems
- Certifications in Microsoft Azure Security and M365 Security
- ITIL foundation
Experience
- +7 years experience in managing medium to large IT Security environments +5 years practical on-the-job experience in managing Cloud platforms security.
- +5 years of experience in working with cloud security and governance tools, cloud access security brokers (CASBs) and server virtualization technologies.
Technical Expertise / Skills / Knowledge
- Working knowledge of Routers, Firewalls, Cloud Web Proxy, Cloud Email Gateways, Zero Trust Network (Private Access), Microsoft Azure Security, M365 Security.
- Working knowledge of Microsoft Azure and Oracle Cloud.
- Working Knowledge of Cloud Security Monitoring and Compliance platforms.
- Risk assessments related to Cloud platforms.
- Expertise in assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (Application Security), data protection, cryptography, key management, identity and access management (IAM), network security) within SaaS, IaaS, PaaS, and other cloud environments.
- Working knowledge of common industry standard cloud-native/cloud-friendly authentication mechanisms (OAuth, OpenID, etc).
- Experience performing threat modeling and design reviews to assess security implications and requirements for the introduction of new technologies.
- Ability to construct, interpret and execute test plans to verify correct operation of completed systems.
- Good knowledge of IT security risk analysis methods, tools and techniques and utilize to identify potential exposures to application systems critical to the continuity of the organizations.
- Basic knowledge of programming techniques such as Functions, Loops, Conditional Statements, etc.
- Sound analytical and intellectual capabilities
- High level of accuracy and attention to detail
- Good communication skills (spoken & written)
- Good interpersonal skills and ability to interact effectively with managers / staff from different cultural backgrounds.
- Demonstrable track record in leading IT Security related activities, projects and operations.
- Proven project management skills, including solid understanding of project control skills (risk management, monitoring, and troubleshooting).
- Possesses a solid understanding of the offerings within the Microsoft Azure platforms.