.**Job Overview**:**Key Responsibilities**:- Design, oversee implementation, and monitor security measures for the protection of information systems, networks, and data.- Conduct vulnerability assessments, penetration testing, and security audits.- Investigate security breaches and lead incident response efforts.- Develop, update, and enforce company-wide security policies and procedures.- Collaborate with IT to enhance firewall, intrusion detection, and prevention systems (IDS/IPS).- Oversee Implementation and maintenance of security solutions, such as antivirus, encryption, and data loss prevention systems.- Conduct internal and external security audits to ensure compliance with industry security standards and certifications (e.G., ISO 27001, SOC 2, PCI DSS).- Coordinate with external auditors and regulators during the audit process to demonstrate compliance with required security certifications.- Maintain documentation and evidence for audit purposes, ensuring readiness for annual or periodic certification renewals.- Continuously monitor for emerging security threats and vulnerabilities and update systems accordingly.- Support risk management processes by identifying and mitigating potential security risks.- Create and maintain security documentation, including risk assessments, disaster recovery plans, and audit reports.- Provide training and guidance to staff on security awareness and best practices.- Ensure compliance with industry standards and regulations, such as GDPR, HIPAA, and ISO 27001.**Required Qualifications**:- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.- Minimum of 3-5 years of experience in a cybersecurity or information security role.- In-depth knowledge of security frameworks and best practices (e.G., NIST, CIS, ISO 27001).- Experience conducting audits or assessments for security certifications, such as ISO 27001, SOC 2, or PCI DSS.- Experience with network security tools (firewalls, IDS/IPS, VPN, etc.).- Strong understanding of encryption technologies, identity and access management (IAM), and security protocols.- Knowledge of scripting languages (Python, Bash, PowerShell) for automating security tasks.- Familiarity with compliance regulations and industry standards (e.G., GDPR, HIPAA, PCI DSS).- Experience with incident response, threat analysis, and risk mitigation.- Relevant certifications, such as CISSP, CISM, CEH, or CompTIA Security+.**Preferred Skills**:- Experience with cloud security (AWS, Azure, GCP).- Experience with SIEM tools, threat intelligence platforms, and endpoint detection and response (EDR).- Understanding of DevSecOps and integrating security into the development pipeline.- Strong analytical and problem-solving skills.**Personal Attributes**:- Strong attention to detail and ability to work in a fast-paced environment.- Excellent communication skills, both written and verbal.- Ability to work independently and as part of a team