ICT Security Specialist

Diversity Atlas is seeking a dedicated ON-SITE Security Specialist to enhance and protect our digital assets, ensuring a secure and resilient work environment. The specialist will conduct comprehensive security tests, manage server operations, and implement cutting-edge security measures across various platforms and applications. This role requires a proactive approach to identifying vulnerabilities, optimizing performance, and ensuring the highest level of data integrity and confidentiality.

Tasks & Duties

• Security Auditing and Testing: Develop checklists for auditing services, conduct remote penetration testing, and ISO27001 audits, collaborate with the IT team to identify vulnerabilities, and recommend proactive security measures.
• Database and Web Server Maintenance and Monitoring: Provide remote consultation to optimize configurations, monitor performance, and implement maintenance procedures ensuring uninterrupted access to services.
• Kubernetes and Docker Management: Inspect and manage Kubernetes and Docker images, perform vulnerability scans, and address security weaknesses using tools like Synk and Cloudflare.
• Encryption and Cryptographic Keys: Prioritize secure encryptions for generating cryptographic keys, educate the remote workforce on the benefits and usage of cryptographic keys.
• Security Policies and Disaster Recovery: Establish and maintain policies for regular key rotation and disaster recovery plans, guide workforce adherence, and conduct regular checks.
• Remote Backup Strategy: Implement a regular backup strategy, create and store backups in different locations in compliance with data privacy guidelines.
• Vulnerability Assessments and Risk Analysis: Conduct vulnerability assessments and risk analysis, provide recommendations, and implement security controls.
• Security Monitoring and Incident Response: Monitor and analyze security events and incidents, respond to security incidents, and collaborate with teams for incident response.
• Security Awareness Training: Develop and deliver security awareness training and education programs to foster a security-conscious culture among employees.
• Secure Programming and Security in Design: Implement secure programming best practices and ensure security is integrated into the design phase of all projects.
• Secure Communications: Maintain and enhance secure communication protocols to protect the integrity and confidentiality of data in transit.
• High-Level Architectural Security Design: Design and review high-level security architectures for organizational systems and infrastructure to ensure robust defense against threats.

Essential skills

• Proficiency in remote security operations, penetration testing, and vulnerability assessments.
• Knowledge of database and server maintenance, Kubernetes, Docker, and encryption techniques.
• Strong problem-solving and analytical skills.
• Ability to work independently and collaboratively with a remote team.
• Excellent communication skills for effective remote collaboration and training.
• Proficiency in using remote tools and platforms for security management and training.
• Expertise in secure programming and security in design principles.
• Skills in maintaining and enhancing secure communication protocols.
• Ability to design and review high-level security architectures.

Qualifications Needed:

• Minimum Academic qualification: Master of Information Security or similar in the field of  IT
• Years of work experience: 8 years +
• Extensive experience in security operations, particularly in a remote environment.
• Experience with database management, server operations, and cloud platforms.
• Demonstrated ability in handling security incidents and implementing preventive measures.
• Continuous learning attitude to stay updated with the latest security practices and technologies.