Objectives of this Role
• Guard all company data, particularly sensitive information, from both internal and external threats by designing broad defenses against would-be intruders
• Take the lead in day-to-day monitoring for unusual activities, implement defensive protocols, and report incidents
• Collaborate with other members to develop new protocols, layers of protection, and other proactive and defensive systems for remaining ahead of cyber criminals
• Maintain documentation of security guidelines, procedures, standards, and controls
• Maintain knowledge of current cybercrime tactics
Responsibilities:
• Collect data on current security measures for risk analysis, and write systems status reports regularly
• Monitor constantly for attacks and run appropriate defensive protocols if a breach occurs
• Conduct testing to identify vulnerabilities, and collaborate with the cybersecurity team to update defensive protocols when necessary
• Configure antivirus systems, firewalls, data centers, and software updates with a security-first mindset
• Grant credentials to authorized users, monitor access-related activities, and check for unregistered information changes
• Help lead employee training to prevent phishing and other forms of cyberattacks
Skills and qualifications:
● Knowledge of security frameworks: strong understanding of security frameworks such as ISO 27001, NIST, and CIS.
● Risk management skills: identify and assess risks, and develop risk management plans to mitigate them.
● Technical skills: a solid understanding of networking, operating systems, databases, and security technologies such as firewalls, intrusion detection/prevention systems, and antivirus software.
● Incident response skills: respond to security incidents effectively, including identifying the root cause, containing the incident, and restoring normal operations.
● Communication skills: communicate effectively with both technical and non-technical stakeholders, including executives, IT teams, and end-users.
● Analytical skills: analyze data and make informed decisions based on the information available.
● Business acumen: good understanding of business operations, strategies, and objectives to align security goals with the overall business goals.
● Continuous learning: willingness to continuously learn and stay up-to-date with the latest trends and technologies in the security field.
● Certifications: Certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), and Certified Information Security Manager (CISM) can demonstrate the security specialist's expertise and knowledge.
目前仍採線上面談。
新北市新店區中興路三段88號11樓