What Add job title, key skills
Where Add location, town,city
Start a New Search

Infrastructure Security Specialist

Sofia, Bulgaria


| |
Position description

  • | | --- | --- | |
    **Position title:**
  • |
    Infrastructure Security Specialist
  • | | --- | --- | |
    **Employment status:**
  • |
    Full time
  • | |
  • |
    Sofia, Bulgaria
  • | |
    **Reports to:**
  • |
    Information Security & Quality Manager
  • | |
    **Staff reporting to this position:**
  • |
    Nil direct reports
  • | |
    **Date position last reviewed:**
  • |
    March 2019
  • | |
    **Overall objective of the position:**
  • |
    The fundamental purpose of this position is to provide effective security management of IT Services to ensure that the integrity, availability, performance, recoverability and security of the BDO Global IT services is delivered in accordance to agreed service levels.
  • This is achieved through proactive design, configuration, deployment and maintenance of the enterprise security infrastructure to mitigate potential service disruptions due security related incidents.

  • | |
    **Key accountabilities:**
  • |
    The key accountabilities of this role include:
  • Infrastructure Security Operations

  • =Providing specialised security skills and services to ensure that the use of chosen security solutions are maximised to protect all aspects of software, communications, networks, application systems, databases and data on the nominated platform(s).

  • =Actively protect information technology assets and infrastructure from external or internal threats and ensure that complies with statutory and regulatory requirements regarding information access, security and privacy

  • =Ensuring effective security of the information technology Managing implementation of security and control techniques and technologies as per defined requirements.

  • =Design, configure, deploy, and maintain the enterprise security infrastructure configuration items

  • =systems and networks, including operational management of security technologies. Including, but not limited too;

  • oFirewall(s) Management

  • oAnti-Virus Engine and Signature Management

  • oSecurity Patch Management

  • oUser log-on and registration

  • =Monitor systems for any anomalies, proper updating, and patching; performing basic administration of the organisation's IT security systems.

  • =Monitor vendor websites for potential threat alerts and software upgrades

  • =Evaluate and perform planning, testing, and implementation of software and hardware upgrades

  • Infrastructure Security Support

  • =Provide 2nd and 3rd level support to the Global IT Service Desk for security related incidents pertaining to Global IT Services

  • =Coach and guide Service Desk and Desk Side Support technicians in their incident response, directing incident first responder actions, and appropriately escalating issues.

  • =Responding to security threats (security incident management) utilising known ITIL support processes; Assist in incident response for any breaches, intrusions, or theft

  • =Analyse problems, recommend solutions, products, and technologies to meet business objectives

  • =Assist the end-user, other IT professionals, and external stakeholders in requesting security variances and implementation of subsequent configuration change requests

  • =Undertake the implementation of change-based requests to properly secure networks, systems, data and provide insights on implementations, configuration changes, and projects requiring security operational support

  • Security Auditing and Reporting

  • =Undertake cyclical Security Risk-Based audits of the Global IT Infrastructure to determine exposure levels

  • =Complete any necessary security reports and audit responses, ensure that the environment is compliant with all security policies, guidelines, best practices, and strategy.

  • =Continually review the state of all Global IT Infrastructure and validate the known security baseline on a cyclical basis, including;

  • oFirewall(s)

  • oAntiVirus

  • oPlatform Management

  • oUser log-on and registration

  • =Producing and acting on security violation reports.

  • =Recommend best security practices to achieve stated business objectives, advises on risk assumptions for any variances granted, and provides alternatives to achieve desired end results

  • =Maintains system documentation and configuration data for regulatory and audit purposes

  • | |
    **Qualifications, Experience, Skills:**
  • |
    1.At least 3 years of work experience in Infrastructure Security Management and/or related functions (such as IT Infrastructure Management)
  • 2.SSCP, CCSP (ISC)2 certification or equivalent preferred

  • 3.Knowledge of ISO27001/ISO27002 - preferred

  • 4.Trustworthy with high standards of personal integrity (demonstrated by an unblemished career history, complete lack of criminal convictions etc.), and willing to undergo vetting and/or personality assessments to verify this if necessary

  • 5.A background in technical IT roles such as IT Infrastructure Management or Operations, with a clear and abiding interest in Infrastructure security

  • =Expert skills in security system(s) used on nominated platform(s).

  • =Good technical skills (intrusion detection, penetration tasking, firewall configuration) for nominated platform(s).

  • =Good knowledge of security risks and preventative controls.

  • =Good understanding of security operational processes and controls.

  • =Good project, analysis, problem solving, and business relationship skills.

  • =An understanding of the law as it relates to IT.

  • 6.Excellent interpersonal skills, written and oral communication and ability to engage a diverse global group of team members.

  • 7.Strong delivery and change focus; experience in planning, prioritising and organising work for self and others to achieve goals and meet deadlines, including dealing with competing demands and management structures in a complex environment

  • =Broad knowledge of Infrastructure Security principles and practices.

  • =Thorough, expert knowledge of information systems, operating systems, databases and networking.

  • =Competent consulting and teamwork skills.

  • 8.Some knowledge of the legalities of data and physical security systems, together with skills in management, work scheduling and coordination.

  • |

Posted 17 days ago

report job
Similar Jobs