|Date Posted||February 8, 2021|
Telecommunication & ISP
|Career Level||Mid Level|
|Base Salary||Competitive Salary|
Reporting to: Director Security, Risk and Compliance
Job Group: 2B
Division: Telenor Global Shared Services Pakistan
Unit: IT Security
Why should you join Telenor
Telenor gives you the opportunity to become a skilled professional in your field of interest. Rated as the top employer of the country, Telenor enables you to realize your dreams in an environment of diversity and openness to new mindsets.
Telenor Global Shared Services Pakistan is hiring a Cyber Security Specialist who will take a central role in driving security’s role and ambition in GSS. We believe security is both a differentiator for our business and provides trust in our services.
Telenor Global Shared Services Pakistan, a Shared Service Centre, is a service provider of Global IT Solutions in Telenor. As a Cyber Security Advisor, you will be ensuring implementation and operational management of cyber security controls, drive uplift activities and take ownership of technical security areas across different IT systems and platforms.
- Make sure we comply with relevant cyber security standards that ensures business long term information security strategy, setting the standard for security in the line organization and projects in collaboration with Telenor group, Telenor Business Units, vendors and partners with solutions from a wide range of vendors, to make cyber security controls effective and supports the key for business success.
- Cloud adoption and security controls, follow-up of vendors and security requirements
- Drive and coordinate different Security uplift activities like the ongoing Security Maturity journey & mapping, Office 365 and End User Computing Security activities
- Drive and coordinate Vulnerability and Patch management activities and follow-up across different systems and platform in the unit (which spans from Hybrid to public cloud components including Azure & AWS)
- Establish and maintain a holistic risk register and participate in making sure that risks and mitigations are moving in the right direction
- Utilize ISO27001 framework to implement and drive different key security initiatives
- Develop, maintain and implement Cyber Security standards and practices according to enterprise security requirements and business goals
- Guide, evaluate and set standards for security controls in our systems, preferably cloud focus
- Ensure auditing of security policies and procedures
- Develop and maintain security strategy, policies and procedures
- Identify, investigate and report on security breaches and security incidents
- Review findings with key stakeholders, implement measures to avoid recurrence
- Test security levels at relevant systems in projects or in operation
- Guide, review, evaluate vendors and partners in the security area
- Evaluate and report business risk in view of cyber security and the changing threat horizon
- Bachelor’s degree or higher in IT/Engineering/Computer Sciences/Business Sciences or similar.
- Relevant security certifications like CISSP, CCSP, CISA, CEH, CISM or similar is a bonus
- 4+ years of experience in information security domain including cyber security experience.
- Very good knowledge about Security Controls (example CIS or NIST) and how to apply in practical terms, including Cloud Adoption of the same
- Good knowledge about Vulnerability and Patch management, including operational follow-up
- Knowledge of networks, security standards, firewalls, proxies and security technical risks related to key platforms, preferably set to public cloud context
- Knowledge about Windows operating systems, technical terms and security capabilities including Azure / O365 connectivity in a modern Enterprise
- Knowledge about SIEM solutions (like Splunk) is a bonus
- Knowledge about Palo Alto security components is a bonus
- Analytical thinking abilities and excellent presentation and communication skills
- Adherence to Telenor’s values and leadership expectations
- Attention to details (processes, data, systems and structure)
- Outgoing and good at establishing dialog with various professional and colleague groups
- Able to see the totality despite many details
- Able to work independently within defined limits
- Strong proficiency in English
- Good pedagogical and communication skills, with the ability to explain and tune the message to the audience (ex from technical to management) on complex security topics
- Structured, self-driven and forward leaning
- Understand and evaluate business impact