The core responsibilities of this position are as follows:
• Design and Implement Network Security Processes
o Implementation of firewalls, intrusion detection systems and other security measures to prevent
unauthorized access to the network.
o Identify security risks and develop strategies to mitigate these risks.
o Remain abreast of all current security threats and ensure all security processes remain effective.
• Monitor and Evaluate Network Security
o Conduct regular security audits and vulnerability assessments to identify potential threats and
vulnerabilities that could be exploited by malicious actors.
o Monitor network traffic and analyze security logs using existing tools to detect suspicious activity
and respond to security incidents managed by the Incident Manager in a timely and effective
manner.
o Assist in evaluation and implementation of additional security tools as needed and developing
processes and procedures for their use.
• Provide Technical Support
o Provide technical support and guidance to other members of the organization.
o Assist in training staff members on security best practices, troubleshooting security issues and
responding to security incidents. technical support.
o Ability to communicate complex technical information in a clear and concise manner.
• Security Awareness and Training
o Ensure that security awareness training focuses on application access best practices, password
management, and recognizing phishing attempts and other social engineering tactics.
o Assess the effectiveness of the training across the territory and create training sessions for
employees across various departments (e.g., ARCC, Finance, CRD, HR) relevant to the sensitive
data they handled, ensuring they understand their roles in maintaining cybersecurity.
o Stay informed about new security awareness training methods and technologies to enhance the
effectiveness of training programs.
• Compliance and Best Practices Implementation
o Ensure all cybersecurity policies, practices, and protocols adhere to relevant regulatory and
compliance standards (e.g., NYSHIELD, GDPR, HIPAA, PCI-DSS).
o Creating and updating security policies and procedures to align with best practices and ongoing
compliance requirements.
o Assist the Information Security Director by participating in internal and external audits, providing
necessary documentation and evidence of compliance where warranted.
• Threat Intelligence and Research
o Actively follow cybersecurity news, trends, and threat intelligence reports to stay ahead of the
organization's potential security threats.
o Lead internal threat intelligence by analyzing and summarizing current threats, vulnerabilities,
and attack methodologies.
o Engage with cybersecurity communities and forums to exchange knowledge and stay informed
about emerging cybersecurity technologies and practices.
• Tools and Technologies Management
o Assist in evaluating, selecting, and deploying cybersecurity tools and technologies that enhance
the organization's security posture.
o Ensure proper configuration, maintenance, and update of security tools to optimize their
effectiveness and efficiency.
