-Engineer, implement and monitor security measures for the protection of computer systems, networks and information
-Identify and define system security requirements
-Explaining the requirements, documentation and implementation of Information Security Management System (ISMS) based on ISO 27001:2013
-Design system security architecture and develop detailed security designs
-Prepare and document standard operating procedures and protocols
-Perform information technology security research to remain current on emerging technology trends and develop exploits for disclosed and undisclosed vulnerabilities
-Performs penetration testing using standard penetration tools (Metasploit, Nmap, Nessus, Burp Suite, etc.)
-Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
-Ensure that the company knows as much as possible, as quickly as possible about security incidents
-Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
-Taking action to respond to security incidents
-Protect system by defining access privileges, control structures, and resources
-Recognize problems by identifying abnormalities; reporting violations -Implement security improvements by assessing current situation, evaluating trends; anticipating requirements
-Determine security violations and inefficiencies by conducting periodic audits
-Keep users informed by preparing performance reports, communicating system status
-Maintain quality service by following organization standards
-Contribute to team effort by accomplishing related results as needed
-Ensure that information security controls are in place and monitored regularly for compliance with established set policies and standards
Requirements
-BSc or MSc Degree in IT/ Computer Engineering / or related fields
-Minimum of 3 years related job experience -Advanced knowledge of Open source Security Products
-Deep Knowledge & Hands on experience on Information security and related technologies such as Juniper, Fortinet, Cisco, Microsoft
-Demonstrated experience in the deployment and support of next generation firewalls, advanced threat detection and response technologies (IDS, IPS, WAF, DLP), security information and event management systems (SIEM)
-Good documentation skills
-High level interpersonal skills with developed client relationship and negotiation experience
-Excellent problem solving skills -Strong communication skills
-Passion for Information Security
-Information Security certifications (Security+, CCNA Security, CCNP Security, LPIC 2, ISO 27001:2013 Lead Auditor, CEH are considered as a plus.
-Good command of English
-Ideal age range: between 25 to 35 years
-Based in Tehran