IT Security Specialist
Detail posisi
We are seeking an experienced IT Security Specialist to join our team and lead our cybersecurity efforts in industries including real estate, healthcare, e-commerce, or precast manufacturing. This role requires a highly skilled individual to design, implement, and maintain security strategies that protect our digital assets, ensure compliance, and reduce risk.
Kewajiban
• Security Strategy Development: Design, implement, and manage enterprise-level security policies and protocols tailored to industry-specific needs, ensuring the protection of sensitive data and compliance with regulatory standards.
• Threat and Vulnerability Management: Proactively monitor systems for security breaches, respond to threats, and conduct thorough vulnerability assessments and penetration tests.
• Incident Response and Recovery: Develop and execute incident response plans, ensuring timely and efficient mitigation and recovery in the event of security incidents.
• Compliance and Risk Management: Ensure compliance with relevant regulations and standards, such as GDPR, HIPAA, PCI-DSS, or industry-specific protocols.
• Collaboration and Training: Work closely with IT and business teams to implement secure systems and applications, and provide ongoing security training to staff to foster a security-conscious culture.
• Security Technology Management: Oversee the management and maintenance of security technologies, including firewalls, IDS/IPS, antivirus systems, and data encryption.
• Vendor and Third-Party Risk Management: Evaluate and manage security risks associated with third-party vendors, ensuring that their security practices align with organizational standards.
Kualifikasi
• Experience: At least 7-8 years of experience in IT security, with a focus on the real estate, healthcare, e-commerce, or precast industries preferred.
• Technical Skills: Expertise in security tools (firewalls, IDS/IPS, antivirus, etc.), security information and event management (SIEM), and cloud security. Familiarity with endpoint protection, VPNs, and encryption technologies is essential.
• Certifications: Relevant security certifications such as CISSP, CISM, CISA, or equivalent.
• Analytical Skills: Strong problem-solving skills with a proven track record in threat detection, risk assessment, and vulnerability management.
• Compliance Knowledge: In-depth knowledge of compliance frameworks such as HIPAA, GDPR, PCI-DSS, or industry-specific standards.
• Communication: Excellent verbal and written communication skills to effectively communicate security concepts to technical and non-technical audiences.