Our Mission is to Simplify Life. We are looking to Simplify and automate complex decision-making for customer centric industries, like Utilities, Financial Services, Logistics, and commerce, that drive the world's economies and you have the chance to join the revolution. We are trying to solve huge challenges in today's enterprise that are directly impacting the employee and customer experience. What can we promise you:
You’ll join a global family of awesome, passionate people that are working together to build a sustainable, scalable ecosystem committed to using logic to create a better experience.
We want you to help us become better. You will be empowered to drive change and innovate.
That we will invest in you. We will give you the opportunity to master your domain and drive excellence.
The Cybersecurity Engineer is responsible for implementing the latest technologies to support Avertra’s IT security framework and ensuring that Avertra’s security program is carried out across the organization.
Main Job Responsibilities:
Conducts network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, SIEM, NAC, Vulnerability Management tools, and Host Based Security System (HBSS), etc.
Correlates activity across networks, applications, and systems to identify trends of unauthorized use or opportunity for misuse.
Reviews alerts and data from sensors and documents formal, technical incident reports
Research emerging threats and vulnerabilities to aid in the identification of incidents.
Analyzes data from threat and vulnerability feeds and analyzes data for applicability to the organization.
Identifies and resolves false positive findings in assessment results.
Performs compensating controls analysis and validates efficacy of existing controls.
Generates reports on assessment findings and summarizes to facilitate remediation tasks.
Develops and enforces computers, software, switch, and routers security standards.
Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies.
Recommends improvements to the Information Security Program to the Information Security Officer
Plans, develops, and executes vulnerability scans of organization information systems.
Ensures compliance with all applicable configuration standards.
Manages enterprise vulnerability assessment and configuration assessment tools.
Recommends security controls and/or corrective actions for mitigating technical and business risk.
Produces vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness.
Perform periodic security and compliance related reviews and audits.
Manage and maintaining security policies and procedures.
Establish the governance for IT related risk and compliance.
Primary point of contact for SOC / SOX auditing
Requirements
Needed Competencies:
Technical expertise in analyzing threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers.
Technical expertise in system security vulnerabilities and remediation techniques, network, and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, etc.)
Technical expertise in security engineering, system and network security, authentication and security protocols, cryptography, and application security
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
An ability to effectively influence others to modify their opinions, plans, or behaviors.
An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
Ability to speak and write clearly and accurately.
Education:
Computer Science, Information Technology, or any related field
Experience: At least 5-8 years of experience in IT Security, Controls, or Auditing
Knowledge, Skills and Abilities:
Excellent English
Able to interact with internal and external customers remotely via phone or conference system.
Must possess a minimum of intermediate skill level with MS, Word, Excel and PowerPoint.
Knowledge of relevant software computer applications and systems
Effective listening skills
Multi-tasking capabilities
Preferences:
ISO/IEC 27001 - Information Security Management Certification
