Role Purpose :
The Information Security Specialist is accountable for ensuring appropriate controls are in place for the security of information assets. The Information Security Specialist safeguards information by seeing that security risks are identified, assessed and accurately reported. Additionally, the Information Security Specialist is charged with ensuring local procedures and activities comply with all regulatory requirements and internal policies, procedures, guidelines and standards. The Information Security Specialist is the centre of competence for Information Security providing an advisory services role and acting as the focal point for security compliance related activities and responsibilities.
Location : TAQNIA Head Office , Saudi Arabia , Riyadh .
Department : Information Technology ( IT ) .
Duties and responsibilities :
Strategic duties :-
1- Prepare reports that document security breaches and the extent of the damage caused by the breaches.
2- Recommend security enhancements to management.
3- Develop security standards and best practices.
4- Assure applying all security rules and measurements
Technical duties :-
1- Develop Information Security Plans and Policies.
2- Protects system by defining access privileges, control structures, and resources.
3- Recognizes problems by identifying abnormalities; reporting violations.
4- Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
5- Determines security violations and inefficiencies by conducting periodic audits.
6- Vulnerabilities testing.
7- Penetration testing.
8- Upgrades system by implementing and maintaining security controls and batches.
9- Keeps users informed by preparing performance reports; communicating system status.
10- Maintains quality service by following organization standards
11- Planning and implementing security measures to protect computer systems, networks and data.
12- Creating, testing and implementing network disaster recovery plans.
13- Performing risk assessments and testing of data processing systems.
14- Installing firewalls, data encryption and other security measures.
15- Recommending security enhancements and purchases
16- Monitor for Security Breaches.
17- Investigate Security Breaches.
18- Interacts with users and evaluates vendor products.
19- Maintain SLA, System Availability, Capacity management, and Performance KPI.
20- Monitor the organization’s networks for security breaches and investigate a violation when one occurs.
21- Install and use software, such as firewalls and data encryption programs, to protect sensitive information.
22- Research the latest information technology (IT) security trends.
QUALIFICATIONS/ REQUIREMENTS :
· Education : Bachelor in computer science – concentration operating system, networking and cyber security
· Certificates : Systems Security Certified Practitioner (SSCP) - Certified Information Systems Security Professional (CISSP) - Information Systems Security Engineering Professional (ISSEP) – concentration - Certified Information Systems Auditor (CISA) – this is a plus - Cisco Certified Security Professional (CCSP) – this is a plus - CompTIA Security+ .
· Experience : 2-5 years of experience in related job .