Role Proficiency:

With strong knowledge and competence independently carry out the assigned tasks with minimal support from the supervisors. Handle the internal audits to ensure the compliance requirements of various applicable standards and more independently handle VAPT/Red Teaming assignments and involve in customer discussions to identify requirements. (Minimum Supervision)

Outcomes:

Handle the assigned tasks from the allocated domain with minimal guidance from the leads. (Domain Examples: BCMS Risk assessment Incident management HITRUST SOC Customer Assurance Awareness activities Data Privacy VAPT Red Teaming etc.) Should independently handle internal audits (with minimal support from the leads) to ensure compliance with ISO 27001/ISO 22301/ISO 27701 requirement as well as process specific requirements. Responsible for the effective documentation of internal audits (reports) with accurate mapping to control points. Point out the non-conforming areas and suggest measures to improve the information security posture. Understand IT Controls implementation and to conduct Risk Assessment. Involve with the leads in customer discussions to clearly identify/document the requirement. Perform Security Assessment scoping independently based on security standards like OWASP. Perform Web Application Penetration Testing Network Penetration Testing Mobile Penetration Testing and Code Review independently based on the guidance from leads. Learn and understand existing and emerging security practices with minimal guidance from the leads. Mentor A1 and A2 band employees Independently handle preparatory sessions and evidence collections from all applicable teams as part of any external audits Independently contribute to infosec awareness activities Contribute to establish a tracking and reporting strategy.

Measures of Outcomes:

      Number of internal audits conducted or security assessments been a part of.       Number of Areas of responsibility on cross domains       Number of NCs in external audits       Less than two stake holder escalations       More than two appreciation from the stakeholders

Outputs Expected:

Documentation:

Policy and Procedure amendments
Awareness training materials
Presentations decks for internal/ external discussions
Audit /Security Assessment reports

Process:

Internal ISMS audits – independently carry out audits
prepare audit reports and ensure timely closure of audit reports Compliance Audits – Representation in certification audits
conduct preparatory session and evidence collection Infosec activities – training material
conducting sessions
co-ordinate with other teams for trainings conducting Customer Assurance – assist in customer assurance requirements and evidence collection Vulnerability Assessment and Penetration Testing/Red Teaming Activities CM activities Assisting the leads in executing other location responsibilities.

Monitoring:

Mentoring and monitoring the responsibilities of A1 and A2 band employees

Training or certifications:

3 per year (1 certification and minimum 2 of UST training related to Information/Cyber Security domains)

Skill Examples:

Ability to understand prioritize and escalate tasks to resolve issues quickly and make decisions. Strong compliance auditing knowledge. Ability to interpret all scenarios applicable to the business for identifying the potential risks associated with various functions/services. Proficiency in Network Security Controls' implementation like IAM IPS/IDS E-Mail Security Controls Cloud Security Controls etc. Detail oriented customer oriented result delivery oriented analytical thinking Strong Excel and Dashboard skills. Excellent Presentation and communication skills Excellent verbal and written communication skills required including the ability to effectively communicate in both highly technical and non-technical environments A great problem solver with the knack of coaching others to do the same   Good at working in a team and with other teams   Good time management   A desire for continuous learning and skill development.   Self-motivated and enthusiastic

Knowledge Examples:

Should have a strong understanding of concepts of Information Security Business Continuity Data Privacy VAPT Red Teaming and various compliance standards. Knowledge on ISO and other Compliance standards efficient to evaluate the security controls. Knowledge on ISO 22301/27001/9001/27701 Risk Management incident management awareness activities customer assurance etc. Knowledge on standard SDLC and project management life cycles. Knowledge on the operations of various functional units like HR REFM IT Finance etc. and units involved in IT Asset lifecycle management. Expert on security testing standards like OWASP Top Expert on Linux commands. Expert on Scripting Languages like Shell Script Python etc. Development and Testing knowledge would an added advantage.   Hands on experience in RSA Archer Burp Suite Nessus Nmap Postman Genymotion MobSF Drozer etc.   Good to have Certifications like ISO 27001/22301/9001/27701 Lead Auditor/Implementor CEH (MASTER) ECSA CASE OSWP etc.

Additional Comments:

Information Security Engineer We are seeking a talented and experienced Security Engineer with a strong focus on Python and security automation to join our Information Security team. The ideal candidate will be adept at developing and implementing automated security solutions to protect our systems and data. Key Responsibilities • Develop, implement, and maintain security automation scripts and tools using Python. • Integrate security tools and solutions to automate security processes and workflows. • Conduct security assessments and vulnerability analysis to identify and mitigate potential threats. • Monitor security systems and respond to security incidents with automated solutions. • Collaborate with cross-functional teams to design and implement security controls. • Stay updated with the latest security trends, vulnerabilities, and technologies. • Develop and manage APIs to facilitate communication between security tools and systems. • Build new and edit existing automation to high standards of reliability, efficiency and error-handling. • Implement and manage Security Orchestration, Automation, and Response (SOAR) platforms to streamline and automate incident response activities, including but not limited to Palo Alto Cortex XSOAR, Splunk Phantom, IBM Resilient, Cyware, Microsoft Logic Apps, and ThreatConnect. • Utilise Microsoft Defender for Endpoint (MDE) for endpoint protection and threat detection. • Create and manage queries using Kusto Query Language (KQL) to analyse security data. • Write detailed technical documentation, including standard operating procedures (SOPs), technical write-ups, and user guides for security tools and processes. • Implement and manage Continuous Integration/Continuous Deployment (CI/CD) pipeline automation to ensure secure code deployment. • Utilise Infrastructure as Code (IaC) tools (e.g., Terraform, Ansible) to automate the provisioning and management of secure infrastructure. Skills and Experience Required • Minimum 3 years’ experience programming in Python, with experience in developing automation scripts and tools. • Proven experience as a Security Engineer or in a similar role, with a focus on Python and security automation. • Familiarity with operating system scripting languages such as PowerShell and Bash. • Experience with security tools and technologies such as SIEM, IDS/IPS, firewalls, and vulnerability scanners. • Knowledge of cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes). • Experience with API development and integration, including RESTful APIs. • Proficiency in implementing and managing SOAR platforms (e.g., Palo Alto Cortex XSOAR, Splunk Phantom, IBM Resilient, Cyware, Microsoft Logic Apps, ThreatConnect). • Hands-on experience with Microsoft Defender for Endpoint (MDE) for endpoint security. • Excellent problem-solving skills and attention to detail. • Strong communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholders. • Proven experience in writing detailed technical documentation, including SOPs, technical write-ups, and user guides. Desirable • Bachelor's degree in Computer Science, Information Security, or a related field. • Proficiency in Kusto Query Language (KQL) for querying and analysing security data. • Knowledge and experience with Infrastructure as Code (IaC) tools (e.g., Terraform, Ansible) • Relevant certifications such as CISSP, CEH, OSCP, or GIAC. • Experience with CI/CD pipeline automation and tools (e.g., Jenkins, GitLab CI/CD). • Experience with DevSecOps practices and tools (e.g., Jenkins, GitLab CI/CD). • Understanding of network protocols and security architecture. • Understanding of how security testing, prevention and detection work together in an environment.