SOC Subject Matter Expert

27 سبتمبر، 2022

0 5 2 دقائق

Job Description

Validate and ensure quality of all security controls efficiently.
Be able to patriciate in developing security Control strategy.
Create a criteria and checklist to measure security controls effectiveness.
Reviews/monitor security control policy, process, procedures and effectiveness.
Identifies gaps that in the security controls (in network, Application, database and security
appliances).
Be committed to the project and participate in the workshops.
Be proactive and engaged during the workshops.
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat
vectors, risk management, incident management etc.
Investigate, document, and report on information security issues and emerging trends.
Guide and share information with other analysts and other teams Other tasks and
responsibilities as assigned
Communicate effectively by contributing significantly to the development and delivery of a variety of written and visual documents for diverse audiences.
Expert about various Security Controls like – Next-generation Firewall(cisco, Palo Alto,
Fortigate(Fortinet)) , Malware solution , APT solution(Fire Eye), HIPS/NIPS, WAF,
IPS/IDS(Fire Eye, MacAfee) Network Monitoring tools, AV, DB Monitoring
(Imperva)solution, Masking tool(informatica), Data loss prevention(Forcepoint), File
Integrity Management(Tripwire), EDR(carbon black).
Be able to review/evaluate security controls effectiveness and provide a remediation plan
to increase the effectiveness.
Create/implement High Security Protection Standard (Security Baselines) for each
Security control that exist in the copmany.
Assess the effectiveness of the current data protection controls.
Identify and implement mitigation controls / plans for the identified gaps.
Assess the practices regarding data collection and data sharing to, from and within
company.
Identify, design and implement data protection technologies such as DLP and DRM.
Ensure company's compliance with the data protection laws and regulations.
Provide recommendations to improve the data protection compliance.
Create security systems / mechanisms that protect against any potential information
disclosure or attacks.
Implement security controls to ensure the protection of data from any modification or
deletion due to unauthorized access.
Review/Implement cryptographic algorithms.
Suggest security solutions to eliminate the weaknesses.
Manage, and monitor the implementation of the recommended improvements.
Assist in solving any security issues that may emerge.
Knowledge of the principles of cybersecurity and privacy, cybersecurity controls and
privacy requirements for the management of risks relating to data, cybersecurity and
privacy principles and organizational requirements, data security standards relating to
personally identifiable information and data security standards relating to the sector in
which the organization operates.
Minimum of 10 years experiences in building/managing Security controls