Job description / Role
At IBM, work is more than a job - it's a calling: To build. To design. To code. To consult. To think along with clients and sell. To make markets. To invent. To collaborate. Not just to do something better, but to attempt things you've never thought possible. Are you ready to lead in this new era of technology and solve some of the world's most challenging problems? If so, lets talk.
Your Role and Responsibilities
The Information Security Specialist will report to the Information Security and is responsible for the state of vulnerability management across multiple operating environments, assets, products, and services. The person in this role will maintain and optimize existing vulnerability management program operations while supporting vulnerability management systems, initiatives, integration, and technical vulnerability assessment and remediation.
The Senior Manager, Information Security will generate vulnerability reporting to drive appropriate actions by all levels of the organization including executive management. Additionally, the person will define the prioritization of remediation activities, optimizing the remediation efforts in a dynamic environment.
- Oversee and support the development of vulnerability management systems, initiatives, integration, and technical assessment.
- Direct and/or perform on-going vulnerability assessments, penetration tests, and application and network security scans. Direct assessment efforts in a prioritized fashion, seeking breadth and depth of coverage where appropriate.
- Partner with teams who implement technology and achieve methods for aligning to their processes and reduce vulnerabilities.
- Enhance technology and/or process to ensure accurate and up to date inventory of critical infrastructure and applications are in place.
- Identify roadmap, budget, and priorities relative to infrastructure and application security assessments.
- Serve as an internal information security consultant to the organization. Assist in the review of applications and/or technology environments to assess information security risk.
- Support information security compliance and risk management activities to meet the vulnerability management policy, standards, and requirements
- Support technical assessments of 3rd party vendors and mergers/acquisitions.
Required Technical and Professional Expertise
- Minimum 2 years Information Security experience, focused on risk analysis, identification, and vulnerability assessment and penetration testing. Entertainment industries experience a plus. Degree in Computer Science or a related field is desirable.
- Thorough understanding of ISO 27001, including practical experience implementing and auditing an information security management system.
- Understanding of Security and Infrastructure Architecture/Technologies: including but not limited to Routers, Firewalls, IDS, PKI, VPN, Two Factor Authentication, Identity Management, Data Leak Prevention, Encryption, Application Security, Vulnerability Scanners, Penetration Testing, Windows and Unix Systems Security.
- Ability to adapt to a high paced work environment and to handle multiple tasks simultaneously, and follow through on tasks to completion.
- 2 or more years of experience in networking and information security related devices, routers, switches, IDS/IPS, firewalls, SIEM, and other specialized equipment.
- Thorough understanding of Network protocols and security related architecture.
- Efficient in multiple operating systems including Windows, OSX, and Linux.
- Ability to scrutinize complex and diverse information and transform details and facts into recommendations and action plans.
Preferred Technical and Professional Expertise
- Anti-Virus - Kaspersky | Symantec
- SANS GIAC
About the Company
For more than six decades, IBM Middle East & Pakistan has played a vital role in shaping the information technology landscape of the region. Today, IBM is part of the region's technological fabric, solving real-world business and societal challenges, through its offices in UAE, Saudi Arabia, Qatar, Kuwait and Pakistan, and also a diversity of centers across the region.
Within the region, IBM currently has groundbreaking initiatives in cloud computing, analytics, mobile, security, as well as nanotechnology, eGovernment, healthcare and many more, collaborating with leading educational institutes and governments. IBM supports hundreds of clients to drive transformation through technology, contributes to regional research & development programs and has an active Corporate Service Corps (CSC) program.
Reinvention is a keyword in the company's history and, today, IBM is much more than a "hardware, software, services" company. IBM is now emerging as a cognitive solutions and cloud platform company.