Cyber Security Engineer
Colombo, LK
John Keells Holdings PLC
John Keells Group is Sri Lanka's premier Diversified Company, listed in the Colombo Stock Exchange, and a 150-year pillar of the Sri Lankan economy. John Keells Group is widely recognized as Sri Lanka's Most Respected Corporate EntityCyber Security Engineer
Union Assurance is a leading corporate and one of the fastest growing entities in the Life Insurance industry backed by the strength and stability of John Keells Holdings PLC, one of Sri Lanka's largest conglomerates. For the 9th consecutive year, the company has received the GPTW certification as a ‘Best Employer Brand,' and in 2020 was awarded the ‘Global Employer Brand’ by the World HRD Congress.
The Job Role:
A unique opportunity exists for a professional with a passion for Cybersecurity. In this role, you will be eliminating vulnerabilities and risk in networks, software systems and data centers with ongoing vulnerability scans, monitoring network data, and ensuring hardware and software applications are updated
Principle Accountabilities:
- Execute comprehensive enterprise information security and IT risk management program to ensure effective controls based on ISO 27001 and CIS are present to protect company assets
- Manage the continuous maintenance of the IT network, servers, user identity and devices to ensuring optimum security levels are maintained.
- Implement and manage security infrastructure firewalls, Secure Access Service Edge for the company’s users.
- Vulnerability assessment and Penetration testing of applications and perimeter using tools such as OWASP ZAP, support DevSecOps process.
- Analyze IT security threats in real-time and mitigate the threats; secure configuration of all IT assets.
- Ensure that newly-acquired technology complies with the IT security regulations and conduct regular vulnerability assessments on all online resources and present periodic updates on IT network security to the board audit committee to ensure no internal breaches or misuse of data take place.
- Responsible for managing information system security incidents, including investigation, recovery and prevention works.
- Participate in architectural discussions to work through risk, security, and compliance concerns and give inputs for architecture decisions on all aspects of security solutions.
- Attend training session to broaden and master skillset into advanced and emerging areas of cybersecurity.
- Assist in preparing training material for employees on cybersecurity, its threats and countermeasures
- Provide updates as required to Compliance Steercos & complete assigned actions items so as to avoid nonconformities
Qualifications and Experience
- Bachelor’s degree with Information Technology specialization.
- 2- 3 years of experience in similar capacity
- Experience in conducting or participating in any application security penetration testing
- Professional qualifications from following professional bodies ISACA; (ISC)2; or Global Information Assurance Certification (GIAC).
- Understanding of controls and frameworks and sound knowledge in network security controls, operating systems and incident response management.
- Good planning & organizing skill, quality focus and Attention to detail is mandatory.
The selected candidate for the above position will be entitled to an attractive remuneration package. Applicants who are interested are encouraged to apply on or before 05th July 2024.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Application security Compliance DevSecOps Firewalls GIAC Incident response ISACA ISO 27001 Monitoring Network security OWASP Pentesting Risk management SASE Vulnerabilities Vulnerability scans
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Cloud Security Architect jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Information Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information System Security Officer (ISSO) jobs
- Open Information Security Architect jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Threat intelligence-related jobs
- Open Pentesting-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Vulnerability management-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs