Qualifications:
- Bachelor's degree (S1) in Information Technology, Cybersecurity, Computer Science, or Information Systems.
- Minimum 2–5 years of experience in IT Security, Network Security, or Penetration Testing.
- Experience in developing BCP/DRP documentation or participating in ISO 27001 implementation projects.
- Relevant certifications such as Cisco, ISO/IEC 27001, CEH (Certified Ethical Hacker), eJPT, or OSCP.
- Optional certifications: CompTIA Security+, CySA+, or Business Continuity/Disaster Recovery certifications such as CBCP (Certified Business Continuity Professional).
Responsibilities
Data & Infrastructure Security
- Ensure the security and integrity of company data and IT infrastructure.
- Implement preventive and corrective measures to mitigate cybersecurity risks.
Penetration Testing (Pentest)
- Conduct security assessments on applications, networks, and internal systems.
- Utilize penetration testing tools such as Burp Suite, Metasploit, Nmap, OWASP ZAP, Wireshark, and others.
Business Continuity & Disaster Recovery (BCP/DRP)
- Develop, review, and update company BCP/DRP documentation.
- Conduct regular BCP simulations to ensure operational readiness during disruptions.
Information Security Compliance & Audit
- Ensure all systems comply with international security standards such as ISO/IEC 27001, ISO 22301, NIST, and CIS Controls.
- Support internal and external audits related to information security.
- Prepare security risk reports and provide recommendations for improvement.