Description de l'offre
Détails de l'annonce Poste proposé : Analyst - Security Internal Control and AwarenessActivities : Participate in Implementing the Information Security policies, process, procedures, Cyber Security and Privacy framework, and Risk Treatments controls. Users & Accounts Management : Perform user access reviews according to the relevant processes. Drive the account certification process. Perform profiles reviews according to the relevant processes. Make awareness ofUser Access Management best practices. Contribute to mature the IAM framework (PPPs, provide inputs for systems improvements) Ensure compliance to our Segregation of Duties Standard. Log Management : Ensure collection of all relevant logs from critical systems. Perform log analysis & generate alerts & incidents from them. Monitor the log management systems. Incident Management : Deploy the necessary tools & adopt the necessary process to detect security incidents. Analyze incidents reported through various channels and ensure their follow up until closure within established MTTRs. Ensure incidents are managed according to the Security Incidents procedures (including post-incidents actions). Maintain stakeholder’s engagement to ensure timely incident closure. Security By Design : Maintain the Information Security Baseline for IT & Network Systems Ensure the Baseline is enforced at delivery of projects and during operations Define the yearly awareness and execute it. Penetration tests and technical audits : Establish the scope for penetration tests to be performed by partners. Be the SPOC for partners during penetration tests and technical audits Engage with stakeholders to develop appropriate countermeasures and tools from penetration testing and audits results. Ability to perform proof of concept on discovered risks and vulnerabilities. Operating the Security Operation Center : Ensure threat protection including security information and event management (SIEM), user and entity behavior analytics (UEBA), anti-virus (AV) and intrusion detection system/intrusion prevention system (IDS/IPS) Analyze security events and alerts and recommend appropriate actions in response to information security incidents Manage …