کارشناس ارشد امنیت شبکه

Job Description

• Analyze security logs, trace attacks, and report threats.
• Install and maintain security equipment such as WAF and firewalls (Fortinet, Sophos, etc.).
• Maintain and improve the security posture, hardening of the network environments, and vulnerability remediation deployments.
• Define network security policy and documentation procedures.
• Work independently with network/system administrators, developers, product owners, and other colleagues to ensure the mitigation of threats, incident handling, and implementation of our applications. vulnerability assessment, system security configurations, access control management, collaboration, and information classification.
• Security Policy & Architecture: Design, implement, and enforce network security policies, access control mechanisms, and data protection measures to safeguard organizational assets.
• Security Operations Center (SOC): Lead the operation of the Security Operations Center to monitor security events, identify potential vulnerabilities, and provide actionable intelligence for threat mitigation.
• Security Tool Configuration & Support: Configure, maintain, and optimize security tools such as firewalls, antivirus software, patch management systems, and intrusion detection/prevention systems (IDS/IPS).
• Vulnerability Assessment: Plan and conduct regular internal and external security assessments. Provide detailed reports for security audits.
• System Security Configurations: Provide secure baseline configurations for all IT services, ensuring adherence to minimum security configurations during deployment.
• Monitoring & Reporting: Continuously monitor security logs, reports, and system performance to detect any potential security incidents and ensure smooth operations.
• Backup & Recovery Management: Oversee the backup and disaster recovery processes, ensuring the integrity and availability of organizational data and services.
• Incident Response & Data Recovery: Develop and implement rapid-response procedures for security incidents, including data breach containment and recovery protocols.
• Access Control Management: Oversee high-level access control processes and manage privileged user access across the organization’s systems.
• Collaboration & Information Classification: Collaborate with internal teams to classify sensitive data and contribute to the development of security policies to protect organizational information.

Requirements:

• Good knowledge of system logs and audit trails.
• Familiar with ITIL and ticketing systems.
• Ability to work with other groups to resolve incidents.
• Ability to effectively prioritize and execute tasks in high-pressure situations.
• Strong communication skills.
• Knowledge of ISO 9001 and ISO27001 standards and the ability to implement related measures
• Proficient in network and service security solutions (Hardening) according to CIS standards.
• Experience & Education: At least 3 to 5 years of experience in IT security or a related field, with hands-on expertise in managing complex security infrastructures.
•  Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field.

Technical Expertise:

• Expertise in security tools, including firewalls, antivirus software, and patch management systems.
• Strong understanding of Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS).
• Experience in designing and implementing security strategies to comply with industry standards.
• Ability to design and implement effective security frameworks and incident response procedures.
• Knowledge of backup solutions and disaster recovery plans.