Description:
Key Responsibilities:
- Manage day-to-day information security operations, focusing on access control for software products, networks, and processes.
- Safeguard confidential client data and information.
- Guide software architects in threat management and preventive measures throughout the application development lifecycle.
- Conduct manual security testing and source code reviews for diverse technologies.
- Perform vulnerability assessments and penetration tests on critical data, services, and environments.
- Identify and report security vulnerabilities, proposing improved security measures.
- Handle incident response and related tasks as needed.
- Develop security requirements, technical designs, and configuration recommendations to enhance security infrastructure in collaboration with teams.
- Assist in designing and implementing security solutions for the organization's technical infrastructure and business applications.
- Evaluate and deploy security tools such as firewalls, intrusion detection systems, encryption technologies, and threat management utilities.
- Execute vulnerability and penetration tests to discover security weaknesses.
- Maintain data security through encryption, tokenization, and effective key management practices.
- Analyze and adjust network, system, and application configurations for optimal security.
- Ensure routine operations comply with established security policies.
- Stay current with the latest security technologies and countermeasures against emerging threats.
- Help develop long-term security testing strategies, risk assessments, and policy development.
- Conduct post-incident analyses to prevent future breaches and identify responsible parties.
Required Skill Set:
- Proficient in information security frameworks like ISO/IEC 27001, NIST, and OWASP.
- Strong knowledge of TCP/IP networking, switching, routing, and microservices architecture.
- Experienced with Linux systems and virtualization technologies.
- Skilled in application security, including the use of tools for vulnerability scanning and code analysis.
- Capable of implementing security architecture and technologies.
- Expertise in managing DNS, email security, VPNs, DDoS prevention, and proxy services.
- Proficient with security and monitoring tools such as SIEM/SOAR, Web Application Firewalls, and risk management solutions.
- Experience conducting vulnerability assessments and penetration tests.
- Capable of writing and implementing security policies and procedures.
Qualifications and Experience:
- Bachelor’s degree in Technology, Engineering, or Information Security.
- A professional security certification (e.g., CISSP, CISM, CEH) is preferred.
- At least 4 years of hands-on experience in information security management.
Organization | Irtiqa Business Solutions |
Industry | Management Jobs |
Occupational Category | Information Security Manager |
Job Location | Lahore,Pakistan |
Shift Type | Morning |
Job Type | Full Time |
Gender | No Preference |
Career Level | Experienced Professional |
Experience | 4 Years |
Posted at | 2024-07-20 11:02 am |
Expires on | 2025-01-28 |