BCTAS

Mô tả Công việc

1. Systems Management:

• Threat Monitoring and Analysis: Continuously monitor networks and systems for security breaches or vulnerabilities and investigate and respond to potential threats.
• Security Policy Development: Develop, implement, and enforce security policies, procedures, and protocols to protect sensitive data and ensure regulatory compliance.
• Risk Assessment and Vulnerability Management: Proficient in conducting regular risk assessments, vulnerability scans, and penetration tests, and collaborating with IT teams to implement remediation strategies for enhanced cybersecurity posture
• Audit: Review all changes of systems, make sure all changes are recorded (including quality and process verification are meeting standards)
• Incident Response: Lead incident response efforts, including containment, eradication, and recovery from security breaches, and document lessons learned.
• Identity and Access Management: Manage and monitor access controls, permissions, and multi-factor authentication systems to ensure appropriate user access.
• Using data loss prevention technologies/strategies to protect sensitive data and develop and implement extensive security plans, policies and procedures to protect personnel, assets and information.

2. Troubleshooting and Support

• Provide technical support for end-users and troubleshoot issues related to security issues.
• Employee Training and Awareness: Conduct training and awareness programs to educate staff on security best practices, phishing threats, and safe online behavior.
• Collaboration: Work closely with IT and development teams to design secure infrastructure and recommend security improvements.
• Incident Response & Documentation: Leading incident response efforts, including root cause analysis and post-incident reporting, to ensure lessons learned are integrated into future security planning.

Yêu Cầu Công Việc

• Education & Major: Information Technology, Computer Science, or a related field. Industry certifications preferred
• License & Certificate: Relevant certifications (e.g., CISSP, CEH, CompTIA Security+) is a plus.
• English level: Good
• Strong knowledge of SIEM, firewalls, VPNs, IDS/IPS, data loss prevention (DLP) technologies multi-factor authentication (MFA), and vulnerability scanning tools (e.g., Nessus, Qualys).
• Proficiency with security protocols, encryption, and cryptography.
• Familiarity with compliance standards (e.g., GDPR, HIPAA, PCI-DSS).
• Experience with vulnerability scanning and penetration testing tools.
• Ability to conduct root cause analysis for security incidents.