CHILDFUND INTERNATIONAL
JOB DESCRIPTION
Title: Information Security Analyst
Div/Dept: Talent, Technology & Finance (TTF)
Reporting Relationship: Manager IT Security
Work Location: Country Office of Bangalore, India/ Jakarta, Indonesia/ Manilla, Philippines
SUMMARY
The Information Security Analyst performs two core security functions for the enterprise. The first is the day-to-day operations of the in-place security solutions (directly or indirectly) to ensure the secure operation of the in-house and cloud- based computer systems, servers, and network connections. This person will also analyze and resolve security breaches and vulnerability issues in a timely and accurate fashion. Conduct user activity audits where required.
The second is the involvement in the design implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as assisting in vulnerability audits and assessments. The Information Security Analyst is expected to be fully aware of the enterprise's security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.
DUTIES/RESPONSIBILITIES
Participate in the planning and development of enterprise security architecture, (infrastructure, hardware, and operating systems) and additional involvement in the implementation of IAM solutions for ChildFund
under the direction of the IT Security Manager
Participation in the creation of enterprise security documents (policies, standards, baselines, guidelines, architecture, and procedures)
Participation in the planning, design, and execution of an enterprise Business Continuity Plan, Disaster Recovery Plan, and Change Management Programs.
Participation in the planning, design, and execution of Group Security Polices via Active Directory for infrastructure and operating systems.
Device security, encryption techniques, standards, policies and procedures.
Implements and uses tools in support of network security.
Work in conjunction with the End Point Management Team.
Responsible for working with Application Development for roles and authorizations for all applications and developing roles based on segregation of duties authorizations. Responsibilities will include:
o Documenting roles-based access requirements
o Working with Business teams to develop the organizational segregation requirements for roles for various Line of Business applications.
Web-Social Networking, responsible for understanding security requirements and best practices in Web and Social Networking.
Manage all Information Security related vendors, outsourcers, and contractors to obtain protection services and products.
Participate in the design, manage, and perform ChildFund's information security awareness program.
Participate in regular Change Control/Management activities.
Maintain all documentation pertaining to Security configuration of devices and software.
Participate in the design and execution of vulnerability assessments, penetration tests and security audits.
Work in conjunction with appropriate resources (inhouse and outsourced) to deploy, manage and maintain all security systems and their corresponding or associated software, including but not limited to firewalls, intrusion detection systems, and anti-virus software.
Participate in external and internal audits related to IT.
Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Stay abreast of the ever-changing trends and tools in the field of the information security.
QUALIFICATIONS/EXPERIENCE
2+ Years of relevant experience
2 – 5 years of network LAN WAN experience
Knowledge of standard concepts, practices, and procedures of networking
Knowledge or experience with PCI DSS, SOC 2, ISO 27000 Security Standards is a plus
Knowledge or experience working with SIEM tools, ticketing systems, and cyber security analytics.
Knowledge and experience with data privacy, security, and protection.
Understanding of Security protocols (IPSec), and encryption technologies (3DES, AES, SHA2, TLS).
A strong working knowledge of Windows operating systems at the server and desktop level is required
Knowledge of Active Directory and Exchange.
A working knowledge of Cisco Systems products, VMWare, SAN storage and Cloud environments is a plus.
Creativity and the ability to grasp new technologies quickly are essential
Must have strong inter-personal skills and the ability to train and share knowledge
English Required, Spanish, Portuguese, and/or French as a second language will be a plus
Some travel may be required
Must be able to work after hours and weekends as required.
EDUCATION
Bachelor's degree in Information Technology or closely related discipline or equivalent relevant work experience.
MCSE, CompTIA Security+, GIAC Information Security Fundamentals, Microsoft Certified Systems Administrator: Security, (ISC)2 SCCP, (ISC)2 CISSP, (ISC)2 ISSAP certifications preferred but not required.
Use the below link to apply for the position. https://childfundinternational.secure.force.com/careers/fRecruit__ApplyJob?vacancyNo=VN1860&
Last Application date: February 28,2023
Disclaimer: This job description is not an exhaustive list of the skill, effort, duties, and responsibilities associated with the position.
ChildFund International is committed to a workplace culture that promotes diversity, equity, and inclusion in all its forms. Furthermore, ChildFund International is committed to staff safety and security and the rights, and well-being of all our staff. ChildFund is committed to upholding our ethics and values and fulfilling our duty of care commitments to all staff and the children with whom it is in contact and to conducting its programs and operations in a manner that is safe.
0 Comments:
Posting Komentar