Specialist/Senior Specialist - Information Security Department
- Tirane
- Tipi
-
- me orar te plote
- Fusha | Profili i punes
-
- Informatike | Programim
- Gjuha
-
Specialist/Senior Specialist - Information Security Department
Duties & Responsibilities:
Another degree that provided a minimum education in one or more of the fields identified above and included the development or adaptation of applications, systems or networks; or equivalent combinations of experience and education.
All applications will be treated with the highest confidentiality. Only candidates that meet our criteria will be notified.
Duties & Responsibilities:
- Perform information security threats, gap and impact assessments on IT applications, infrastructure systems, communication channels based on industrial recommendations and best practices
- Manage and investigate information communications security incidents and enhance incident response plan
- Ensure end-point security compliance against requirements for patching, anti-virus and other protection devices
- Deploy and management of security infrastructure devices such as Firewall, Database Security Solution, IPS, SIEM, Vulnerability Management and other security devices.
- Coordinate with internal departments and branches and communicate security related concepts to both technical and non-technical staff
- Establish information security controls in various projects by closely following the design, deployment, management and enhancement of the security barriers.
- Work with different IT teams and business units to provide and propose solutions which meet the needs of the business
- Train the internal staff on a continuous basis related to information security threats
- University degree in Computer Science, Informatics, Electronic engineering, Information Security
Another degree that provided a minimum education in one or more of the fields identified above and included the development or adaptation of applications, systems or networks; or equivalent combinations of experience and education.
- Four years minimum hands on experience in security including experience with Internet Cyber based technology and security issues.
- Financial services industry knowledge is highly desirable (especially in the Banking Sector).
- Good working knowledge with international Information Security procedures, methodologies and standards (ISACA, ISO 27001, PCI DSS etc.).
- Good working knowledge in the fields of information security, project management, business applications, database systems, networking infrastructure, information systems’ operations, maintenance and support.
- Any certification in information security such as CEH, CISSP, etc. is highly desirable.
- Advanced level of English is required.
- Ability to communicate technical and security related concepts to broad range of technical and non-technical staff.
- Excellent written and oral communication skills.
- Strong analytical skills.
- Ability to work independently with minimum supervision or as part of integrated teams.
- Ability to easily adapt to changes in information technology and quickly learn and utilize new tools and methodologies.
- Practical knowledge of security systems and good knowledge of security solutions on the market (eg. Firewall, DMZ, SSL/IPSec VPN, Proxy, Remote Access, PKI )
- Good knowledge of general network environment (LAN, WAN, WiFi, routers, switches)
- Good knowledge of network communication protocols (Ethernet, TCP/IP, MPLS)
- Good Application Penetration knowledge (eg. XSS, buffer overflow, URL tampering, SQL Injection, dDoS, Botnet )
- Preferably a University degree, 4 to 5 years’ experience in the Security domain (IT or Network domains are also valuable);
- Technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, anti-malware solutions and desktop security tools;
- Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts;
- Knowledge of and experience with identity and access management (IAM) principles, processes and tools;
- Experience designing secure networks, systems and application architectures
- Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
- Direct experience for treating information security incidents
- Train other Information Security colleagues in order to increase the knowledge level of the team
All applications will be treated with the highest confidentiality. Only candidates that meet our criteria will be notified.