Jobs at HR-EX Consulting

Summary of Functions

• Work with the cybersecurity operations team to protect assets from unauthorized access, unauthorized data alteration or denial of service through vulnerability and threat identification, incident detection and response and forensic investigations.
• Review and make recommendations regarding on-prem, datacenter and cloud infrastructure, networking and security settings and posture
• Create and maintain key metrics that are indicative of the security posture of the infrastructure.
• Keep abreast of threat intelligence feeds to stay abreast of industry reports and emerging threat that may affect the firm.

Education, Experience, and Skills Required

• Bachelor’s Degree / HND in Computer Science, Information Technology or Cybersecurity related field
• 4+ years of experience in Cybersecurity
• 2+ years of experience as a SOC/Forensic analyst supporting cybersecurity incident response.

go to method of application »

Summary of Functions

• Drive the Automation of the Security Baseline configuration using Enterprise tools Puppet, Ansible.
• Manage the Database security program including onboarding, discovery, use cases, upgrades & regular assessments. Tool is Imperva.
• Based on the nature of security threats perceived, assesses and establishes mitigating steps to ensure appropriate treatment and escalate as appropriate.
• Co-ordination of security systems disciplines in the face of active threats.
• Provides expert technical insight and industry perspective in the creation, delivery, and integration of complex and comprehensive security solutions and architecture.
• Collaborates and acts as a security architecture liaison with other IT areas and to design and/or recommend new security solutions as needs arise.
• Liaise with other relevant functions to facilitate the timeous closure of incidents and vulnerabilities.
• Ensure Security controls are regularly evaluated as part of the Security Assessment program with proposed remedial actions to address noted baseline variances.
• Support the implementation of risk assessments exercises across the Information Technology function in order to trap and highlight information security weaknesses and advice on controls to mitigate those risks.
• Implement standards for testing methodologies, techniques and procedures and conduct robust quality standard programme.
• Lead IT Controls Assessments and compliance exercises.
• Support controls design for Operating systems, Applications & Database Security, implementation, assessments & reporting.
• Monitor compliance to Information security policies, procedures and standards via a robust information security program/plan depicting continuous planned and ad-hoc audit and review exercises.
• Liaise with other relevant functions/stakeholder to implement information security.

Education, Experience & Skills Required

• Minimum of First Degree in Computer Science, Engineering, Information Technology/Systems or any related discipline preferred.
• Minimum of 5 years of experience in Cyber security or roles with a focus on Application, Operating systems & Database security.
• Experience with Windows/Unix/Linux Operating systems with a focus on cybersecurity Relevant industry certifications (i.e. CISSP, CISA, CRISC, CISM, COMPTIA+, Imperva Database administrator, Puppet practitioner, CASP+ CEH, GCIH, GCIA, OSCP)
• Experience with SIEM (Arcsight), EDR (Falcon Crowdstrike, Packet Analysis, HIPS/NIPS, Network Monitoring tools, Service Now Ticketing, Database Security.
• Technical experience around Identity Access Management, Controls configuration management & automation using Puppet/Ansible/Chef, Vulnerability assessments and treatment, Technical systems baseline governance & Implementation.
• Proven experience with best practices, frameworks & standards implementation across technology stacks, Auditing across varying technology, integrating log sources to a SIEM and offense/alerts tuning.
• Proven experience in penetration testing & Use of offensive Security Red team tools.
• Proven experience in business continuity & use of defensive Blue team tools.
• Proven experience in identifying, developing, implementing and evaluating risk response options & providing management with information to enable risk response decisions.
• Experience in identifying requirements, developing architectures, and deploying enterprise Security architecture, ensuring that the implementation adheres to standards and best-practices. • Mastered the principles of how business strategy drives Security.
• Excellent negotiation and facilitation skills is critical to this role: (Able to convey and sell ideas and strategies to stake holders).
• Knowledge of SQL is desirable – minimum Intermediate.