Job Description
Job Description
In this role, you will play a crucial part in safeguarding our organization's digital assets by assessing and mitigating cybersecurity risks. Your responsibilities will encompass a wide range of tasks related to the latest cyber threats, incident handling, and the establishment of robust security policies, procedures, and standards.
Key Responsibilities
The Cybersecurity Analyst is responsible for ensuring the security and integrity of our organization's digital assets. This role involves a wide range of activities, from implementing preventive security measures to conducting penetration tests and audits.
Perform External ASV scanning, Internal vulnerability scanning, External network penetration testing, and Internal Network penetration testing to identify and address security vulnerabilities.
Execute Application security scanning, APT (Advanced Persistent Threat) assessments, and Segmentation penetration testing to safeguard our systems and data.
Develop and maintain security policies and procedures documents and contribute to the hardening process of systems and applications.
Conduct PCI DSS Audits and actively participate in Cybersecurity Risk Response activities.
Promote security awareness within the organization through training and awareness programs.
Utilize Data Loss Prevention (DLP) tools and perform penetration testing, including Grey Box and Black Box testing methodologies.
Implement a risk management framework based on NIST (National Institute of Standards and Technology) to formulate a comprehensive cybersecurity strategy and policies.
Collaborate with the IT Steering Committee and contribute to the development of a cyber incident framework, responsibility charters, and governance documents.
Participate in incident response activities, ensuring that the organization is well-prepared for and capable of responding to security incidents effectively.
Manage data classification and DLP solutions, and oversee the deployment of Security Information and Event Management (SIEM) systems for advanced threat detection and logging.
Continuously monitor and update the cybersecurity risk management framework and policies to adapt to evolving cyber threats.
Develop Key Risk Indicators (KRI) and Key Performance Indicators (KPI) to measure and report on the organization's cybersecurity posture.
Stay informed about relevant external cybersecurity incidents and incorporate best practices to enhance our cybersecurity strategy.