Support Information Technology Department team in daily tasks, including incident response, investigations, project management, assurance tasks, and reporting responsibilities.
Conduct penetration testing on both new and existing applications to analyze vulnerabilities and assess their potential consequences.
Regularly perform vulnerability assessments on the IT infrastructure systems of the University of Khorfakkan to identify weaknesses, prioritize risks, and ensure prompt remediation.
Coordinate with the internal IT auditor to assess potential risks impacting the IT infrastructure, address audit findings, and implement corrective actions to close identified audit discrepancies.
Ensure authorized access by investigating improper access and reporting violations.
Create concise and comprehensive reports related to security violations, including recommendations for addressing any identified control weaknesses.
Methodically conduct system and process audits to verify compliance with adopted processes, policies, and standards.
Be an advocate of security awareness, stay updated on cybersecurity trends, and incorporate best practices into daily work.
Protect systems by defining access privileges, control structures, and resources.
Assist in the development and implementation of IT Disaster Recovery/Business Continuity plans and maintain disaster recovery documentation, policies, and protocols.
Implement security improvements by assessing the current situation, evaluating trends, and anticipating future requirements.
Provide thought-leadership within Information Security and the IT team to help implement or improve existing security controls.
Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attack vectors.
Select and acquire additional security solutions or enhance existing security solutions to improve overall enterprise security as per the existing procurement processes.
Oversee the deployment, integration, and initial configuration of all new security solutions and enhancements to existing security solutions in accordance with standard best practices.
Ensure the confidentiality, integrity, and availability of data residing on or transmitted through workstations, servers, and other systems, as well as in databases and other data repositories.
Engage in ongoing communications with peers in the Systems and Networking groups, as well as various business groups, to ensure enterprise-wide understanding of security goals, solicit feedback, and foster cooperation.
As a Team Member, You Will
Maintain and encourage open and honest business relationships within the team.
Be a change leader to adapt to new and innovative ways of delivering IT services.
Build and utilize working relationships with internal business partners across the organization.
Communicate in a respectful and well-understood manner.
Consider health & safety as a primary concern for yourself and others.
Manage a large variety of work while meeting tight deadlines.
Handle the demands of multiple stakeholders, sometimes with conflicting interests.
Qualifications, Experience & Skills Required
Bachelor’s degree from an accredited institution, preferably in Computer Science, Information Technology Systems Security, or a related field. Master’s degree preferred.
Minimum of five (5) years within the last twelve (12) years of experience in an Information Security role.
Knowledge of Information Technology Infrastructure Library (ITIL) (certification preferred) concerning security administration and information technology governance in a multiplatform environment.
Experience in penetration testing, vulnerability assessments, and risk-based remediation strategies.
Experience in establishing cybersecurity and risk metrics for reporting.
Strong emotional intelligence with sustained leadership involving multiple stakeholders.
Demonstrated management skills, including budget development and administration, policy development and implementation, personnel administration, and staff training and development.
Demonstrated ability to work with diverse individuals; effective oral and written communication skills.
Ability to apply knowledge and experience to achieving enterprise strategy, mitigating external risks, improving internal processes, and delivering business outcomes.
Strategic Thinking: Ability to manage multiple goals and deadlines while maintaining a big-picture perspective.
Facilitation, Negotiation, and Problem Resolution Skills: Ability to build strong relationships with technology and solutions teams, customers, and vendors.
Resilience and resourcefulness.
At least one of the following certifications:
Certified Information Security Manager (CISM)
GIAC Security Essentials (GSEC)
Certified Information Systems Security Professional (CISSP)
Two or more of the following certifications:
(ISC)2 SSCP, CCSP, or CCFP
ISACA Certified Information Security Manager or Auditor
GIAC Security Management and Leadership or Technical Security Certifications
EC-Council CEH or EDRP
Cisco CCNA or CCNP Security
Microsoft Certified Systems Engineer: Security
Cloud Security Certifications such as the Cloud Security Alliance's CCSK or other certifications specific to major platforms like AWS or Azure
مستوى الأقدمية
مستوى متوسط الأقدمية
نوع التوظيف
دوام كامل
المهام الوظيفية
غير ذلك، تكنولوجيا المعلومات، و الإدارة
المجالات
التعليم
تزيد الترشيحات من فرصك في الوصول لمقابلة الوظيفة في شركة University of Khorfakkan، إلى الضعف
