Group Specialist - Security & Governance

1. Candidate is responsible for identifying the misconfigurations in all the security technologies such as next generation firewall (NGFW), web application firewall (WAF), EDR, PAM, NAC, O365 etc.
2. Develop the technical assurance program to improve the cyber sanity & improve the security posture.
3. Verify compliance against the DP World cyber security standard and baseline.
4. Suggest corrective measures for identified issues during the assessment.
5. Review the network design for any gaps against secure architecture principles.
6. Perform assessment of on-prem, cloud infrastructures and ensure governance across business units as per DP World IT standards.
7. Perform assessment of Azure container resource like Kubernetes, Docker images to identify any misconfigurations & weaknesses.
8. Perform application, server and database compliance checks against the best practices.
9. Automate the security assessments by implementing latest technologies such as AI, ML etc.
10. Periodic follow up with regional IT teams to close the identified gaps.
11. Understand technology trends and the practical application of existing, new and emerging technologies to enable emerging business and operating models.
12. Ensure and monitor effective implementations of the policies and procedures across DP World’s business units.
13. Act as an ambassador for DP World at all times when working; promoting and demonstrating positive behaviours in harmony with DP World’s Founder’s Principles, values and culture; ensuring the highest level of safety is applied in all activities; understanding and following DP World’s Code of Conduct and Ethics policies
14. Perform other related duties as assigned.

QUALIFICATIONS, EXPERIENCE AND SKILLS

Knowledge and Experience

• Bachelor’s Degree in Computer Science or equivalent
• Should have 8-10 years of experience in IT security and governance
• At least 5 years hands on experience in network design and segmentation.
• At least 5 years hands-on experience in security technologies such as NGFW, WAF/ DDoS, PAM, NAC, EDR, Data Classification & DLP etc.
• At least 5 years of experience in auditing in network, servers, databases hosted on cloud & on-premises
• Hands on experience in auditing Microsoft Azure & AWS cloud architecture, services and solutions.
• Must have strong knowledge on network security and infrastructure security.
• Ability to assist in defining and updating information security policies & standard as per industry best practices and regulatory requirements.
• Prior experience in multinational organization and working with virtual teams spread across different regions is desired.

Soft Skills

• Excellent analytical skills.
• Excellent verbal and written communication.
• Program and Project management skills.
• Time management skills.
• Team player and conflict management skills.
• Ability to adapt in a complex environment, loves challenges, with the will and drive to learn new things on his/her own.
• Cultural awareness.

Technical Skills

• Hands-on experience in technologies O365 Security, NGFW, WAF/DDoS, EDR, NAC, PAM, Active Directory, Network design etc.
• Azure and AWS hosting services including infrastructure & security
• Strong understanding of networking, Linux, distributed systems, cloud design patterns, API's, and security.
• Knowledge of developing policies, procedures related to IT & information security processes
• Expertise in Microsoft Word, Excel, PowerPoint & Power BI

#LI-AA6