İş məlumatları

Bakı

Şəhər

Kibertəhlükəsizlik üzrə mütəxəssis

Vəzifə

5 ildən yüksək

İş stajı

Tam-ştat

İş rejimi

Texnologiya

Sahə

Proqramlaşdırma

Kateqoriya

İş barədə məlumat

Position Summary:

As a Senior Cybersecurity Engineer is a crucial role in safeguarding the organization's digital assets and infrastructure. Cybersecurity Engineer will lead the design, implementation, and maintenance of security solutions, ensuring that our systems are secure against emerging threats. This position requires a strategic thinker with strong technical skills and the ability to mentor and lead junior team members.

Key Responsibilities:

Security Strategy Development:

• Conduct security threat modeling to identify potential attack vectors and develop a comprehensive cybersecurity strategy to mitigate those risks.
• Align the cybersecurity strategy with the organization's overall business objectives and risk tolerance.
• Continuously monitor and evaluate the effectiveness of the security strategy, making adjustments as needed.

Threat Analysis and Incident Response:

• Develop and implement a comprehensive incident response plan that outlines procedures for identifying, containing, eradicating, and recovering from security incidents.
• Lead or participate in security incident investigations, analyzing forensic data to identify the root cause and scope of the incident.
• Collaborate with internal teams (IT, legal, communications) and external stakeholders (law enforcement, forensics firms) during incident response activities.

Risk Management:

• Develop and maintain a risk management framework for identifying, assessing, prioritizing, and mitigating security risks.
• Conduct regular vulnerability assessments to identify weaknesses in systems, applications, and network infrastructure.
• Recommend and implement security controls and risk mitigation strategies based on risk assessments.

Security Architecture:

• Design and implement secure network architectures, including segmentation, demilitarized zones (DMZs), and secure network access controls.
• Develop secure system architectures that incorporate security principles like least privilege and defense in depth.
• Review and approve security designs for new and existing applications to ensure they adhere to security best practices.

Policy and Compliance:

• Develop and maintain security policies and procedures that address all aspects of information security, aligned with relevant regulations and standards (e.g., ISO 27001, NIST).
• Oversee the organization's compliance with security regulations and standards, conducting regular audits and gap analyses.
• Partner with legal and compliance teams to ensure security policies and procedures are legally sound and meet regulatory requirements.

Security Tools Management:

• Select, deploy, configure, and maintain a suite of security tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), security information and event management (SIEM) systems, and antivirus solutions.
• Develop and maintain playbooks and procedures for using security tools effectively for threat detection, logging, and incident response.
• Automate security tasks where possible to improve efficiency and effectiveness.

Security Awareness:

• Develop and deliver engaging cybersecurity awareness training programs for employees at all levels, tailored to their specific roles and responsibilities.
• Conduct phishing simulations and other exercises to test employee awareness and preparedness for cyberattacks.
• Promote a culture of security throughout the organization by encouraging employees to report suspicious activity.

Qualifications:

• Bachelor's degree in Computer Science, Information Security, or related field. Master's degree or relevant certifications (e.g., OSCP, CISSP, CEH) are a plus.
• Minimum 5-year experience in a security architect or similar role, with a track record of designing and implementing security solutions.
• Strong knowledge of security principles, protocols, and technologies, including firewalls, intrusion detection/prevention systems, VPNs, encryption, and authentication mechanisms.
• Hands-on experience with security tools and technologies, such as SIEM, DLP, IDS/IPS, and endpoint security solutions.

Please send your resume to the e-mail address by indicating job title in the subject line.

Vakansiyalardan daha tez xəbərdar olmaq üçün Telegram kanalımıza abunə olun!