Job Description:

Prothom Alo is seeking a Senior, IT Security Engineer to join its IT team. The person shall look after all activities in the IT security area to ensure risk mitigation through the efficient and effective application of information security policies, processes and operations across the company.

Responsibilities:

• Look after overall IT security functions and operations for both ‘on-premises’ and cloud infrastructure
• Identify and monitor risks through key Information Security metrics
• Provide proactive monitoring, security automation, investigation, and response for security alerts and incidents
• Support deployment of company policies and implementation of controls
• Foster information security awareness and training for internal colleagues
• Identify gaps with policies and areas of improvement through control testing
• Assisting with the development of policies based on audit findings
• Assisting with risk assessments
• Develops tactical response procedures for security incidents.
• Provide Cyber Security technical expertise, support, and guidance to management in case of major security event/incident and/or data breach (post-incident review, postmortem, security remediation plan)
• Partner with our infrastructure and other development teams to ensure our networks, computer systems, and hosting environments are implemented and maintained consistent with best practices and policy
• Conduct research on tools, compliance requirements, and best practices as it pertains to Vulnerability Management

Skills:

• Graduate or Masters in Computer Science, Information Security or any other engineering discipline
• Total 4+ years of work experience with minimum 2 years of demonstrated, ‘hands-on experience’ in field of information security and its core components
• Knowledge of security in the public cloud and on-premise environment
• Good knowledge of risk management and audit process
• Knowledge and understanding of the system and network security, authentication and security protocols, vulnerabilities, and incident management
• Proven experience with current IT security technologies - Firewalls, IDS/IPS, Load Balancers, SIEM, DLP, Proxy, LDAP, RADIUS, AD, DNS, DHCP, VPN, EDR/MDR/XDR
• Prior experience with any one of the global information security framework
  
• Experience with AWS, GCP, and/or Azure, and are comfortable using security tools to interact with these environments. Good understating of cloud native security solutions
• Relevant security certification(s), any one or more from EC-Council Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), ISACA Certified Information Security Manager (CISM), ISACA Certified Information Systems Auditor (CISA), Certified Cloud Security Professional (CCSP)

Compensation & Other Benefits: