What you will do Maintain AgileEngine's Information Security Framework and underlying policies, procedures and guidelines. Design and implement controls to ensure that security requirements are met. Develop and integrate security solutions and technologies. Implement security best practices, hardening guidelines and protection profiles. Perform ongoing security monitoring of information systems, including assessing information security risk through risk analysis. Conduct gap analysis and vulnerability assessments on a regular basis and consult in mitigating vulnerabilities. Manage and configure various security tools (SIEM, SOAR, HIDS/NIDS, WAF, etc.). Response to security incidents and vulnerability management processes. Evaluate and recommend new information security technologies and counter-measures against threats to information and systems. Conduct periodic internal information security audits. Help create effective staff training programs to increase security awareness across AgileEngine. Must haves 2+ years of experience in information security; Upper-intermediate in spoken and written English; Strong understanding of information security principles, practices, and methodologies; Knowledge of at least one security standard: ISO/IEC 27001, NIST CSF, PCI DSS, or SOC 2; Practical experience in developing and writing security policies and procedures; Hands-on experience with the incident response process, including detection, investigation, and mitigation; Excellent written communication skills, with the ability to produce clear, concise, and well-structured reports; Strong analytical skills, with the ability to assess complex systems, identify security issues, and devise effective solutions. Nice to haves Familiarity with cloud architectures and secure network design principles. Understanding of troubleshooting techniques relevant to security and systems management. Experience with operating system hardening and secure configuration practices. Hands-on experience with vulnerability assessment tools. Practical experience using SIEM and other security monitoring tools. Job Type: Full-time
#J-18808-Ljbffr