The Cyber Security Specialist is responsible for protecting the university\'s computers, servers, network, applications, and data against information security threats, such as security breaches, computer viruses, cyber-attacks, etc. Suggests strategies, approaches, and tools necessary to ensure the confidentiality, integrity, and availability of university electronic data.
Main roles & responsibilities
Develop and direct the implementation of information security standards and best practices.
Continuously review, implement and maintain effective security policies, procedures, and practices and perform information security-related awareness sessions for university stakeholders, as necessary.
Develop and assure the implementation of different types of internal AIT audits and assessment activities to ensure continuous improvement within AIT.
Regularly review AIT compliance with relevant information security policies, procedures, laws, and regulations, and alert VCAIT to any non-compliance findings together with the recommended action plans.
Analyze information security logs for security violations and anomalies, collect incident responses, and carry out forensic investigations when required.
Conduct penetration testing activities including network penetration testing, web application penetration testing, wireless penetration testing, and communicate the findings with the mitigation procedures to VCAIT.
Ensure proper protective and/or corrective measures are taken when an information security incident or vulnerability is discovered within a system or application.
Implement controls for the execution of risk treatment plans and updates the risk register.
Ensure the AIT continued compliance and certification for ISO 27001. Be the focal point for AIT for internal and external audits.
Manage relationships and coordinate with clients and service providers while providing customized security assessments, implementing security policies, designing security training materials, organizing training sessions, providing technical support, and communicating security policies and procedures.
Required qualification & skills
5 years of relevant IT experience including 3 years of experience in a management position
Bachelor\'s degree in computer science or computer engineering from an accredited university.
Information security certificates (CISSP and CISM).