We are looking for Information Security Engineer / Consultant with following experience to work with us
Information Security Engineer / Consultant will work on Information Security projects. He / she should have experience / knowledge following:-
- Development of security policies, standard and procedures
- Good understanding of security framework documentation and policies covering areas
o Human Resource security
o Assets Management
o Access Control
o Cryptography
o Physical and environment security
o Operational Security
o Communication Security
o System acquisition, development and maintenance
o Supplier relationship
o Information Security Incident Management
o Business Continuity Management
o Disaster Recovery Planning
o Good understanding of Business Impact Assessment (BIA)
- Excellent working knowledge of ISO 27001, NIST framework and SANS
- Assist in the security framework control scoping, evidence collection, control testing and corrective action planning collaboratively across BCBSM/Entities
- Maintain a consistent and organized approach to tracking compliance requirements within the enterprise GRC technology solution
- Develop and track mitigation plan status with control owners cross-functionally
- Develop necessary reports and presentations collaboratively
- Perform ongoing analysis and monitoring of critical the security framework requirements to detect potential issues with compliance
- Assist in coordinating the enterprise wide activities across key stakeholders and entities
Develop and manage information security initiatives for multiple IT functional area across the enterprise related to risk management, mitigation and response, compliance, control assurance, and user awareness. Develop and drive security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-consultative services to the organization. Work on multiple complex projects as team member or technical lead.
· Development of information security policies, standards and procedures
· Development of security baseline document
· Assess overall compliance of the organization in-line with standards
· Identify information assets to be protected by security controls.
· Identify applicable regulatory requirements for data protection.
· Identify all points of data flow – input, transit, processing/use/view, at rest/storage.
· Determine scope of systems and applications to be evaluated (hardware, software).
· Identify parties responsible for security practices.
· Assess layers of security (defense in depth) – e.g., perimeter, network, infrastructure/endpoint, application, data; cloud-hosted SaaS, PaaS, IaaS.
· Identify critical missing security controls, and compensating or mitigating controls in place to reduce risk.
· Formally communicate in writing results of evaluation to parties responsible for addressing the security risks.
· Provide guidance to responsible parties on options to mitigate security risks.
· Maintain formal records of the due diligence work completed to evaluate and communicate security risks.
3 – 5 years of working experience.
- Knowledge of the following within Information Technology: general controls, compliance, assessments, audit experience as well as knowledge and understanding of governance, risk & compliance
- Knowledge of security and risk frameworks, standards, best practices (e.g. NIST CSF, ISO/IEC 27001, COBIT)
- Strong security technical knowledge
- Works independently and collaboratively to resolve challenges facing the team quickly and completely
- Excellent communication and presentation skills and the proven ability to work effectively with all levels of IT and business management.
- Flexible, self-motivated, and able to work independently in a fast-paced environment
Bachelor of IT or Computer Science
Master will be added advantage
· ISO 27001 Lead Auditor
· Security Certifications CISSP or CISM or CISA
· Awareness of common information and cybersecurity management frameworks, such as ISO/IEC 27001, ITIL, COBIT, CIS, and NIST CSF and SP Series.
Based on knowledge and experience, which will be discussed during interview
One-year renewable contract
Karachi, Pakistan
Please send your CV at following email address:-
We are looking for RedHat OpenShift Engineer with following experience to work with us
Summary of the Role
RedHat OpenShift Engineer will need to have good working knowledge and understanding of RedHat Linux, RedHat OpenShift, MongoDB, DevOps and security. Having a strong background in Linux administration, virtualization, networking, and security will be required in successfully fulfilling this role.
Responsibilities
The ideal candidate for this role need to have RedHat OpenShift background in addition to a good knowledge of DevOps and security:-
1. Focus on administering and supporting the OpenShift Container Platform ecosystem for both public cloud and on premise
2. Installing and setup RedHat OpenShift on the defined platform as per the requirements
3. This includes managing container tenant provisioning, isolation, and capacity
4. Manage the container platform ecosystem (installation, upgrade, patching, monitoring)
5. Manage MongoDB cluster platform ecosystem (installation, upgrade, patching, monitoring)
6. Providing technical L1 and L2 support
7. Troubleshooting and resolving technical issues.
8. Applying security upgrades.
9. Creating and presenting support reports.
10. Training end-users on RedHat OpenShift operations.
Experience
1 – 3 years of working experience in similar role.
Skills
- Working experience with RedHat OpenShift Container Platform
- Working expertise with Kubernetes.
- Working expertise in RedHat Linux administration.
- Working knowledge of MongoDB
- Knowledge and expertise working with Docker or similar container technologies.
- Knowledge and experience with cloud PAAS/IAAS technologies.
- Experience in Infrastructure provisioning, monitoring and Ops
- Works independently and collaboratively to resolve challenges facing the team quickly and completely
- Excellent communication and presentation skills and the proven ability to work effectively with all levels of IT and business management.
- Flexible, self-motivated, and able to work independently in a fast-paced environment
Education
Bachelor of IT or Computer Science Master will be added advantage
Certifications and trainings
• RedHat Linux certification is preferred
• RedHat OpenShift certification is preferred
Package
Will be discussed during interview.
Contract Terms
Permanent
Job Locations
Karachi, Pakistan
Email address and Website Please send your CV at following email address:- careers@uticybersecuritycloud.com Company website: www.uticybersecuritycloud.com
We are looking for a Training Center Manager with Security trainer background with following training experience, certification and education
Summary of the Role
- Provide following trainings:-
- Security awareness training
- Certificated Information Security Officer (CISM)
- Certified Information System Security Professional (CISSP)
- Certified Cloud Security Professional (CCSP)
- Lead training sessions and conduct learning activities pertaining security above security courses
- Answer questions from the trainees and provide tutoring within the session as needed.
- Designs and conducts training and education programs to support information and privacy security personnel.
- He/she assesses training needs, designs and delivers curricula and learning materials, and manages and tracks all phases of training programs.
General Responsibilities
- Assist in setting-up training center facility
- Manage day-to-day affairs of training Center including
- Student affairs
- Preparation of necessary training materials including PPTs, PDF, handouts etc
- Arrangement of course and class schedule
- Maintain student attendance and other required records
- Develops and manages the associated role-based training plans and materials to enable privacy and information security participants to perform their functions effectively and efficiently.
- Tracks and reports completion of training and certification programs
- Works independently and collaboratively to resolve challenges facing the team quickly and completely
- Excellent communication and presentation skills and the proven ability to work effectively with all levels of IT and business management.
- Flexible, self-motivated, and able to work independently in a fast-paced environment
Education Requirements:
Bachelor's / Master's Degree and 5+ years' IT Security training experience
Experience
- Experience in designing, developing and implementing complex security-related training and education plans, materials and content
- Experience in developing a role-based training and credentialing content
Experience in preparing and making written and oral presentations of complex technical nature
- Demonstrated ability to coordinate multiple tasks
- Understanding of information security architectures, technologies, standards, and practices to secure applications and IT systems, desirable
- Experience for managing training center will be an added advantage
Job Location
Karachi, Pakistan
Desired Certifications
- CISM, CISSP, CCSP
- Nice to have CISA
Summary of Role
- Work independently with technical and business stakeholders, understand business problems and perform quick technical assessment and proposal development for leveraging platform services of Azure·
- Estimate and outline the solution approaches, can express and articulate the architecture and design rationale including database, storage, integration and deployment strategies ·
- Hands on in implementing proposed solutions and be able to technically guide teams during development and deployment of solution·
- Has a complete technical ownership of the delivery·
- Need to have excellent written and verbal communication skills for communicating with customer technically and procedurally Qualifications
- Good understanding of Azure Infrastructure services and their limitations·
- Provide best practices around provisioning production and non-production environments on Azure to optimize the usage·
- Have good understanding in implementation of advanced security, authentication and single sign on across cloud and on premise·
- Strong experience in Azure platform Services, understanding of their capabilities and limitations and being able to architect and deliver solutions leveraging various platform services·
- Have experience in implementing enterprise application using platform services like Azure websites, Azure SQL, Azure Service Bus, Azure Queues, Notification hubs, Event hubs, Blob Storage, Table storage, Cosmos DB, Redis Cache, application insights etc.·
Strong expertise in building cloud native enterprise scale applications and moving applications from on-premises to cloud environments·
- Strong understanding of the cloud architecture patterns and solution design principles·
- Ambition to work with back-end development especially integrations·
- Experience in defining and implementing Hybrid scenarios with workloads shared across on premise and Microsoft Azure, application Integration between cloud and on premise environments·
- Experience working in agile/DevOps environment with continuous integration and continuous deployment and application lifecycle management·
Education Requirements:
- Bachelor/Master`s Degree in Computer Science, Engineering or equivalent·
Experience
- 5+ years of experience in designing, developing and deploying solutions in Microsoft technology stack
3+ years of experience in designing and deploying solutions on Microsoft Azure platform
Specific Tasks
- Physical to Azure Migration
- Strong security knowledge
Job Location
Karachi, Pakistan
Desired Certification
Microsoft Certified Azure Solution Architect Expert
Microsoft Certified Azure Administrator
Copyright © 2021 UTI Cybersecurity, Cloud and IT Services - All Rights Reserved.
Powered by GoDaddy
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.