About the job
WHO WE ARE
Here at FPG we believe in the potential of people. We transform front desk operations into profit centers for the leading hospitality brands worldwide by elevating the performance of their frontline agents, while enhancing guest satisfaction, through our proprietary software IN-Gauge.
WHO YOU ARE
You are an experienced Cyber Security Engineer/Architect with 5+ years of cyber security experience, including experience with log and alert analysis that support incident investigations and network troubleshooting. You have advanced certifications, such as CISSP, SSCP, CISA, CASP, CCNP Security. You have experience in strategic planning and risk modeling to address business risk and compliance, as well as IS governance, risk, domestic and international compliance program, and process development. You have a deep understanding of the tools, techniques, threat landscape, and technical controls required to mitigate a broad variety of cyber threats, and experience with Security Program framework and Model design and development.
WHAT YOU WILL DO
You will take ownership of customer Risk Assessment Standards and compliance to effectively support the launch of IN-Gauge. You will be responsible to document and design set of InfoSec standards supporting current assessment and continuous InfoSec roadmap. You will provide continuous security recommendations to the PE teams.
HOW YOU WILL DO IT
To meet contract standard deadlines to support the launch of IN-Gauge in successfully completing customer.
Efficient and responsive Risk Assessment communication to include teams/zoom calls/email with customer throughout the globe.
Completion of Risk, compliance, security assessments and auditing (including Vendor/third party, IT Audit and Application)
To act a pivotal internal tech lead collaboration with infrastructure and architecture when required to support continuous compliance.
To design, document and continuously update a set of polices, standards and required certificates to support customer RA compliance.
To work with development and infrastructure team to ensure monthly compliance.
To review current polices and update to meeting standards and guidelines.
What you should expect in this role
Establishes strict program control processes to ensure mitigation of risks and supports for obtaining certification and accreditation of IN-Gauge and our enterprise. This includes process support, analysis support, coordination support, security certification test support, security documentation support, investigations, software research, and periodic audits.
Experience with the Risk Management Framework process and creating and managing Plan of Action and Milestones
Engage third-party risk assessment providers to conduct penetration testing, simulating an attack on the systems and network infrastructure to find exploitable weaknesses and provides recommendations related to findings
Reviews and recommends security configuration and policies for firewalls, VPN systems, routers, email protection, Endpoint Detection & Response (EDR), IDS scanning technologies and servers.
Experience with Security Technical Implementation Guides
Experience with security systems, including firewalls, intrusion detection systems, anti-virus software, authentications systems, log management, and content filtering.
Perform regular security assessments and control verification for applications requesting permission to deploy Production changes.
Analyze internal application/system controls, documentation, and settings to identify information security risks to IN-Gauge.
Lead the adoption and integration efforts for new controls into the software.
Evaluate Architecture Design requirements against the applicable security control requirements and identify gaps and remediation options. Document findings lifecycle workflow and approval process.
Supervise the work of the infrastructure teams.
Working in a Security Monitoring/Security Operations Center environment (SOC)
Drive strategy for security awareness management and identify opportunities to improve visibility and sophistication of response capability.
Lead incident response, including steps to minimize the impact and participate with Manage Detection and Response (MDR) partner in conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
Protects system by defining access privileges, control structures, and resources.
Develop and provide leadership to a SecOps team across U.S. and India.
Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
Determines security violations and inefficiencies by conducting periodic audits.
Upgrades system by implementing and maintaining security controls.
Keeps users informed by preparing performance reports and communicating system status.
Maintains quality service by following organization standards.
What will you oversee
Change control compliance.
Initial Vulnerability Assessment and Triage
Immediate Remediation Activities
Interim Governance Model
Vulnerability Management Procedures
Change Control Procedures
Metrics and Reporting Requirements
Application Security Testing
DESIRED SKILLS AND EXPERIENCE
5+ years of cyber security experience, including experience with log and alert analysis that support incident investigations and network troubleshooting
A bachelors degree (preferred). In lieu of degree, advanced certifications, such as CISSP, SSCP, CISA, CASP, CCNP Security. An Ideal candidate has both a bachelor’s degree and advanced certification
Strategic planning and risk modeling to address business risk and compliance
IS governance, risk, domestic and international compliance program, and process development
Security Program framework and Model design and development
Demonstrates deep understanding of the tools, techniques, threat landscape, and technical controls required to mitigate a broad variety of cyber threats.
Strong analytical and creative problem-solving skills
Priority and task management
Strong interpersonal skills to interact with customers and team members.
Strong communication skills to interact with team members and support personnel
Excellent leadership skills
COMPENSATION AND BENEFITS
We offer a competitive compensation and full range of benefits to all regular, full-time employees and their qualified dependents as outlined below.
Compensation: base salary starting at AED 15,000 negotiable based on experience, education and relevant certifications. Monthly incentives based on performance, eligibility starting after 3 months of employment.
Benefits effective date 1st day of the month following date of hire:
Employer health plans (Medical insurance including Dental)
30 days holiday and annual holiday closure
Parental Leave (Maternity & Paternity)