Senior Cybersecurity Engineer and Insider Threat Specialist
Position Overview:Will play a key role in implementing and monitoring the university's cybersecurity infrastructure, with an emphasis on detecting and responding to threats originating from within the university, including those posed by faculty, staff, and students. This individual will lead ethical hacking efforts, perform continuous security assessments, and ensure that all security policies are followed by internal users.
Key Responsibilities:
- Continuously monitor the university's network and systems for potential vulnerabilities, including insider threats from university personnel (e.g., staff, faculty, and students).
- Perform regular ethical hacking, penetration testing, and vulnerability assessments to detect and mitigate risks, with a focus on preventing unauthorized internal access to sensitive systems.
- Lead incident response for internal security breaches, working closely with HR, legal, and IT teams to address potential misuse by employees or students.
- Implement and manage security tools like firewalls, intrusion detection systems (IDS), and endpoint protection with insider threat detection capabilities.
- Proactively identify suspicious behavior from internal users, such as data exfiltration, unauthorized access, or policy violations.
- Coordinate with the Chief Information Security Officer (CISO) to review internal user permissions and enforce access control policies.
- Ensure compliance with cybersecurity protocols among all university employees and students, conducting regular audits of their access to sensitive systems.
- Educate faculty, staff, and students on cybersecurity best practices and university policies related to acceptable use of university systems and data.
- Provide detailed reports on insider threat activity and collaborate with university leadership on remediation strategies.
- Stay up to date on emerging internal and external cybersecurity threats and deploy the latest tools and strategies to counter them.
Qualifications:
- Bachelor's degree in Cybersecurity, Computer Science, or a related field.
- 5-7 years of hands-on experience in cybersecurity, particularly in ethical hacking, incident response, and insider threat detection.
- Certifications such as CEH (Certified Ethical Hacker), OSCP, or CompTIA Security+ required.
- Proficiency in monitoring tools, firewalls, IDS/IPS, and endpoint protection with insider threat detection capabilities.
- Experience conducting vulnerability assessments and managing internal security breaches.
- Strong problem-solving skills with a focus on identifying and preventing insider threats.
- Excellent communication skills to work with various university departments, including IT, HR, and legal, on internal threat mitigation.
- Familiarity with regulatory requirements concerning data access, insider threats, and cybersecurity compliance in an academic environment.
Kuwaiti Applicants Preferred.