Data security is a core value for Concise. Help to safeguard our organization’s computer networks and systems; plan and carry out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks; work as part of a larger IT team.
Accountabilities in the role
- Develop Information Security Plans and Policies
- Help plan and carry out information security strategy; develop a set of security standards and best practices, and recommend security enhancements to management as needed.
- Develop strategies to respond to and recover from a security breach.
- Responsible for educating our teams on information security through training and building awareness.
- Work with IT colleagues on the install and use software, such as firewalls and data encryption programs, to protect sensitive information.
- Assist users with installation or processing of new security products and procedures.
Test for Vulnerabilities
- Conducts periodic scans of networks to find any vulnerability.
- Conduct penetration testing, simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.
Monitor for Security Breaches
- Constantly monitor our networks and systems for security breaches or intrusions.
- Install software that helps to notify them of intrusions, and watch out for irregular system behaviour.
Investigate Security Breaches
- If a breach has occurred, lead incident response activities to minimize the impact.
- Lead a technical and forensic investigation into how the breach happened and the extent of the damage.
- Prepare reports of their findings to be reported to management.
Information Security Engineer Skills
- A strong multi-tasker with a keen eye for detail
- thinks one step ahead of criminals.
- well organized and thrive in fast-paced, high-stress scenarios
- Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
- Knowledge of risk assessment tools, technologies and methods
- Experience designing secure networks, systems and application architectures
- Knowledge of disaster recovery, computer forensic tools, technologies and methods
- Experience planning, researching and developing security policies, standards and procedures
- Ability to communicate network security issues to peers and management
- Ability to read and use the results of mobile code, malicious code, and anti-virus software