TASKS:
- Perform organization-wide cybersecurity risk analysis and maintain updates on the identified risks
- Create, socialize and obtain approval for cybersecurity strategy and plans to address generic and specific cybersecurity risks to the organization
- Create and follow a process to track progress against cybersecurity plans
- Lead the implementation of cybersecurity initiatives for MyCity Portal development project
- Create network architecture diagrams, collect communication flow information, and build high level and low level design documents
- Work on complex network problems, interact with vendor support teams, and drive the issue to resolution
- Translate compliance requirements into specific security controls and present compensating security controls
- Report to upper management on current cybersecurity posture and progress on mitigating identified risks
- Identify cybersecurity gaps and maintain a risk register
- Create metrics to measure cybersecurity controls efficacy
- Work with partners to create and maintain incident response plans
- Monitor and respond to alerts
- Review and optimize existing cybersecurity controls
- Ensure the organization's compliance with cybersecurity best practices, policies and standards
- Enforce endpoint security standards
- Analyze vulnerabilities and work with Application Development, IT and Systems teams to ensure timely remediation and validation
- Perform threat simulations to detect possible risks and provide cybersecurity recommendations on topics like network perimeter, identity management, API security, microservices design and/or application development
- Instruct and guide other teams to craft "secure by default" infrastructure; they may also investigate, build, and recommend innovative technologies or other methods that will improve the security of cloud-based and on-premises environments

MANDATORY SKILLS / EXPERIENCE
Note: Candidates who do not have the mandatory skills will not be considered
- Bachelor's degree in Computer Science, Information Systems or equivalent work experience
- At least 12 years of experience in information security
- At least 8 years in IT infrastructure management, application architecture, risk management, data architecture, middleware technology, and IT operations and project management
- At least 8 years of experience with networking, load-balancing, DNS, TLS/SSL digital certificates, SAML and Single Sign-on technologies, Kerberos, MFA technologies, and Identity management
- At least 4 years of experience working in cloud environment (Azure, AWS, GCP)
- At least 4 years of experience working in securing Internet-facing applications, utilizing WAF technologies (e.g., Akamai CDN and WAF, CloudFlare, Azure CDN and WAF, Azure FrontDoor, AWS CloudFront and WAF, and similar reverse-proxy technologies)
- At least 4 years of experience working with tools and techniques for collecting and processing Network Security Telemetry and Security Event Data
- At least 4 years of experience architecting, deploying, and managing endpoint security and EDR technology
- At least 4 years of experience using scripting languages (Python, Bash, PowerShell, etc.)
- At least 4 years of experience with Windows, Linux, or macOS administration
- At least 4 years of experience working with vulnerability management and scanning tools
- At least 4 years of experience working with application scanning tools

DESIRABLE SKILLS / EXPERIENCE:
- Experience in implementing and operating Network Security Telemetry Collection Systems in multi-cloud and on-prem environments
- Experience in implementing and operating Data Loss Prevention Systems
- Experience of information security principles and practices, especially the implementation of practical technical controls to support organization policy
- Strong understanding of networking protocols, firewalls, and cybersecurity protection concepts, including software development lifecycle, and compensating controls
- Strong understanding of cloud-based services such as O365, AzureAD, IAM, Entra ID
- Strong understanding of CIS controls
- Experience with Syslog-NG, LogScale (Humio) or similar SIEM / log aggregation systems
- Experience with SSO products and services such as Entra ID, PingFederate, or Okta
- Experience with NetSkope, Zscaler, Palo Alto Networks Prisma Access or similar cloud proxies
- Familiarity with CASB / SASE products
- Experience with Cloud-based EDR / XDR tools
- Knowledge of endpoint security management, configuration policies, and procedures
- Experience with asset management and on-prem / cloud-based vulnerability management tools
- Highly flexible / willing to learn new technologies
- Highly organized with excellent analytical, problem solving and decision-making skills
- Excellent communication and collaboration skills