Job Description:

In this role, you will play a crucial part in safeguarding our organization's digital assets by assessing and mitigating cybersecurity risks. Your responsibilities will encompass a wide range of tasks related to the latest cyber threats, incident handling, and the establishment of robust security policies, procedures, and standards.

Key Responsibilities: 

➢    The Cybersecurity Analyst is responsible for ensuring the security and integrity of our organization's digital assets. This role involves a wide range of activities, from implementing preventive security measures to conducting penetration tests and audits.

➢    Perform External ASV scanning, Internal vulnerability scanning, External network penetration testing, and Internal Network penetration testing to identify and address security vulnerabilities.

➢    Execute Application security scanning, APT (Advanced Persistent Threat) assessments, and Segmentation penetration testing to safeguard our systems and data.

➢    Develop and maintain security policies and procedures documents and contribute to the hardening process of systems and applications.

➢    Conduct PCI DSS Audits and actively participate in Cybersecurity Risk Response activities.

➢    Promote security awareness within the organization through training and awareness programs.

➢    Utilize Data Loss Prevention (DLP) tools and perform penetration testing, including Grey Box and Black Box testing methodologies.

➢    Implement a risk management framework based on NIST (National Institute of Standards and Technology) to formulate a comprehensive cybersecurity strategy and policies.

➢    Collaborate with the IT Steering Committee and contribute to the development of a cyber incident framework, responsibility charters, and governance documents.

➢    Participate in incident response activities, ensuring that the organization is well-prepared for and capable of responding to security incidents effectively.

➢    Manage data classification and DLP solutions, and oversee the deployment of Security Information and Event Management (SIEM) systems for advanced threat detection and logging.

➢    Continuously monitor and update the cybersecurity risk management framework and policies to adapt to evolving cyber threats.

➢    Develop Key Risk Indicators (KRI) and Key Performance Indicators (KPI) to measure and report on the organization's cybersecurity posture.

➢    Stay informed about relevant external cybersecurity incidents and incorporate best practices to enhance our cybersecurity strategy.