Applications are invited from interested and suitably qualified candidates for World Vision International Recruitment 2022.
World Vision International is an Evangelical Christian humanitarian aid, development, and advocacy organization. It prefers to present itself as interdenominational and also employs staff from non-evangelical Christian denominations.
Job Title: Global Cybersecurity Analyst
Individuals working as Global Cybersecurity Analysts are responsible for working on security projects/issues for one or more functional areas (e.g., data, systems, network, and/or Web) across the enterprise, developing security solutions for medium to complex assignments, working on multiple projects as a team member and lead systems-related security components. They provide expertise and assistance to all IT projects to ensure the company’s infrastructure and information assets are protected.
Individuals within the IT Security job family plan, execute and manage multi-faceted projects related to compliance management, risk assessment and mitigation, control assurance, business continuity, disaster recovery, and user awareness. They are focused on developing and driving security strategies, and policies/standards, ensuring the effectiveness of solutions and providing security-focused consultative services to the organization.
Individuals develop, execute and manage data, system, network, and internet security strategies and solutions within a business area and across the enterprise. They develop security policies and procedures such as user log-on and authentication rules, security breach escalation procedures, security auditing procedures, and the use of firewalls and encryption routines. To guide the enforcement of security policies and procedures, they administer and monitor data security profiles on all platforms by reviewing security violation reports and investigating security exceptions. They update, maintain, and document security controls and provide direct support to the business and internal IT groups. IT Security professionals evaluate and recommend security products, services, and/or procedures. They also communicate and educate IT and the business about security policies and industry standards, and provide solutions for enterprise/business security issues.
IT Security professionals require strong technical, analytical, communication, and consulting skills with knowledge of IT Security and related technologies. Security certifications (i.e., PCI Internal Security Assessor (PCI-ISA), CompTIA Certified Technical Trainer (CTT+), Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC) and/or other certifications) may be required.
POLICIES, PROCESSES, & STANDARDS:
• Maintains an up-to-date understanding of industry best practices.
• Develops, enhances, and implements enterprise-wide security policies, procedures, and standards.
• Monitors compliance with security policies, standards, guidelines, and procedures.
• Ensures security compliance with legal and regulatory standards.
• Participates with the project team(s) to gather a full understanding of project scope and business requirements.
• Works with customers to identify security requirements using methods that may include risk and business impact assessments.
• Provides security-related guidance on business processes.
• Participates in designing secure infrastructure solutions and applications.
• Works directly with the customers and other internal departments and organizations to facilitate IT risk analysis and risk management processes and to identify acceptable levels of residual risk.
• Conducts business impact analysis to ensure resources are adequately protected with proper security measures.
• Analyzes security analysis reports for security vulnerabilities and recommends feasible and appropriate options.
• Creates, disseminates, and updates documentation of identified IT risks and controls.
• Reports on significant trends and vulnerabilities.
• Develops plans to achieve security requirements and address identified risks.
• Follows up on deficiencies identified in monitoring reviews, self-assessments, automated assessments, and internal and external audits to ensure that appropriate remediation measures have been taken.
SECURITY TRAINING & CERTIFICATION:
• Performs security training.
• Develops security training and certification programs including curriculum, content, and materials.
• Manages learning management solutions.
• Provides responsive support for problems found during normal working hours as well as outside normal working hours.
• Identifies and resolves root causes of security-related problems.
• Interfaces regularly with staff from various departments communicating security issues and responding to requests for assistance and information.
• Reports to management concerning residual risk, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance.
• Works with third-party vendors during problem resolution.
• Interfaces with third-party vendors to evaluate new security products or as part of a security assessment process.
• Mentors less experienced team members.
KNOWLEDGE/QUALIFICATIONS FOR THE ROLE:
Required Professional Experience:
• Bachelor’s Degree in Computer Science, Information Systems, or another related field, or equivalent work experience.
• Work experience in training and certification management.
• Work experience in designing, implementing, and security training.
• Work experience in designing, implementing, and security policies and standards.
• Typically has 3-5 years of combined cybersecurity work experience with a broad range of exposure to information security and data protection.
• Willingness and ability to travel domestically and internationally, as necessary.
• Work experience in compliance, risk, and IT service management.
Preferred Knowledge and Qualifications:
• CISSP certification
• CompTIA Certified Technical Trainer (CTT+)
• Microsoft Certified Trainer (MCT)
• Project Management experience
• Risk Management experience
• Security Training and Certification
• The position requires the ability and willingness to travel domestically and internationally up to 20% of the time.
How To Apply For The Job
To submit your application, click on the link below and complete all relevant fields on the online application form.
Interested applicants should CLICK HERE to Apply
Application Deadline: 22nd December 2022