Risk Management: Assess risk related to information technology (IT) systems and data.
Monitoring and Mitigation: Monitor, evaluate, and manage IT activities to identify current threats and mitigate vulnerabilities, including future challenges.
Safeguard Information System Assets: Implement or enhance security measures to secure organizations data and resources against internal & external hacks and malicious activities.
Defining Access Privileges and Control Structures: Setting up access controls to restrict unauthorized or limited access.
Compliance and Regulations: Ensure compliance of IT security regulations and standards.
Qualifications
Minimum bachelor's degree from related major.
Minimum 5 years of experience in Cybersecurity preferably in mining industries.
Network Security: In-depth knowledge and experience in network security, firewalls, and intrusion detection system.
Endpoint Security: Proficient in endpoints (computers, servers and mobile devices) security.
Website & Web Apps Security: Experience in safeguarding websites, web-application and API against attack (XSS, SQLi, Dos, DDos).
Cloud Security: Proficient with Cloud security tools, systems, and environments.
Programming Security: Familiar with security related languages (Python, JavaScript, PowerShell, SQL, Java, PHO).
Incident Response: Experience in handling and responding to security incidents.
Vulnerability Assessment: Ability to identify Vulnerabilities and recommend mitigation actions.
Risk Assessment: Understanding the balance between security requirements and operational efficiency.
Pentest: Familiar with penetration testing tools like Metasploit, Burp Suite, Nmap, Wireshark and vulnerability scanner.
Pentest Project: Experience is managing penetration test projects.
Security Frameworks: Familiarity with industry standards such as NIST, CIS Control or COBIT.
Critical Thinking: Evidence of problem-solving skills and the ability to analyze complex security issues.
Preferably have CompTIA Security+, CEH or CISSP certification.
