Position: IT Security & Compliance Engineer (12 Months Contract)
Business / Support Unit: Energy Market Company
The IT Security and Compliance Engineer will manage the day-to-day 24x7 security operations protecting EMC's computing and digital assets. The selected candidate will manage and ensure compliance of security programs and security efforts across the Company, as well as manage the design and implementation of preventative and detective security policies, processes, procedures, and programmes.
The role will take care of the following main work areas:
- Manage and maintain the availability of the security infrastructure by tracking the performance of the managed security services and the maintenance renewal of all security services and equipment. Manage external vendors to provide the 24x7 support and track their performance to ensure compliance with the SLA.
- Oversee and manage the detection and monitoring of cyber risks to the IT Systems.
- Review cyber threats and system vulnerabilities affecting the IT Infrastructure and Applications.
- Manage the tracking and mitigation of identified and suspected vulnerabilities through to closure.
- Manage and report security incidents, identify affected systems and user groups, trigger proper escalations and announcements to relevant stakeholders, and drive efficient resolution of the situation, including the analysis of incidents' root causes and implementation of mitigations and/or prevention processes and policies.
- Perform diagnostic and recovery activities for complex cyber-incidents, develop and maintain incident management procedures, synthesise incident-related analysis to distil key insights, recommend and/or resolve incidents, and establish mitigating and preventive solutions.
- Manage the government security authorities for cyber security exercises, code of practices and other government security initiatives.
- Establish the security policies, frameworks and practices for the control of IT project implementation, operations, maintenance and contractor work activities.
- Implement Standard Operating Procedures (SOPs) and ensure respective teams implement proper risk mitigation plans.
- Effectively manage security projects end to end.
- Perform security risk assessment for new projects and perform regular checkpoints to ensure security requirements are tested and fulfilled during project implementation.
- Manage and support internal and external audits concerning operational security framework, policies and implemented standards.
Note: This is a 12-month contract role.
- Degree in IT, Computer Science or equivalent.
- Possess security certification such as CISSP, CISM or CISA.
- Minimum 5 years of progressive security experience, including 5 years of related management experience.
- Experience in the energy industry and/or public service is preferred.
- Operational knowledge of security processes and standards in all security domains. High-level knowledge of security audit and audit processes. Broad IT knowledge and experience is a plus.
- Possess diagnostic skills and recovery experience in IT infrastructure, systems and applications.
- Good communication and interpersonal skills.
- Able to handle multiple projects in a fast-paced environment.