IT Security SME

About Our Client

Join a globally recognized public listed organization with a strong commitment to excellence and innovation. We are dedicated to maintaining the highest standards of governance, risk management, and internal control across our global operations. Our Group Audit function, composed of 22 highly skilled SMEs, plays a vital role in safeguarding our assets and ensuring compliance with regulatory requirements.

Job Description

• Security Audits: Conduct comprehensive audits of IT systems, networks, and applications to assess security risks and compliance with internal and external standards.
• Risk Assessment: Identify, analyze, and prioritize security risks, providing actionable recommendations to mitigate identified threats.
• Vulnerability Assessment & Penetration Testing: Perform detailed VAPT to identify security weaknesses, exploit vulnerabilities, and provide clear remediation strategies.
• Policy Development: Contribute to the development and enhancement of IT security policies, procedures, and guidelines to ensure alignment with best practices and regulatory requirements.
• Incident Response: Collaborate with the IT and audit teams to respond to security incidents, perform root cause analysis, and implement corrective actions.
• Collaboration: Work closely with other SMEs, IT teams, and business units to ensure the integration of robust security controls across all aspects of our IT environment.
• Continuous Improvement: Stay up-to-date with the latest security trends, vulnerabilities, and regulatory changes, and proactively recommend improvements to our security framework.
• Training & Awareness: Provide training and support to the audit team and other stakeholders on IT security best practices, enhancing the overall security awareness within the organization.

The Successful Applicant

• Bachelor's degree in Information Security, Cybersecurity, Information Technology, or a related field.
• Professional certifications in IT security (e.g., CISSP, CISM, CEH) with specific expertise in VAPT.
• Minimum of 6-8 years of experience in IT security, with significant hands-on experience in vulnerability assessment and penetration testing.
• In-depth knowledge of security frameworks, standards, and regulations (e.g., ISO 27001, NIST, GDPR).
• Strong analytical and problem-solving skills, with the ability to simulate real-world attack scenarios.
• Excellent communication and interpersonal skills, with the ability to articulate complex security concepts and VAPT findings to both technical and non-technical stakeholders.
• Experience in performing security audits, risk assessments, vulnerability management, and incident response.