Information Security Officer
Universal Digital Health Care (UDHC) , Pakistan

Key Responsibilities:

• Cloud Security Architecture: Design, develop, and implement robust security architecture for cloud-based systems, ensuring compliance with industry standards and regulations. Had working for SIME deployments i.e. WAZUH or any similar tool.

• Security Implementation: Deploy and configure security tools, controls, and technologies in cloud environments, such as firewalls, intrusion detection/prevention systems, encryption mechanisms, and access controls.

• Risk Assessment and Management: Conduct regular risk assessments and vulnerability scans to identify and mitigate security risks and threats in cloud infrastructure and applications.

• Incident Response: Develop and maintain incident response plans and procedures to effectively respond to security incidents, including investigation, containment, and remediation.

• Security Monitoring and Logging: Implement monitoring and logging solutions to continuously track and analyze security events and activities within cloud environments and respond promptly to any suspicious behavior or anomalies.

• Identity and Access Management (IAM): Manage user access and permissions in cloud platforms, ensuring least privilege principles are enforced and access controls are properly configured.

• Security Compliance: Ensure compliance with relevant security standards, regulations, and frameworks (e.g., GDPR, HIPAA, ISO 27001) in cloud environments, and assist with audits and assessments as needed.

• Security Awareness and Training: Develop and deliver security awareness programs and training sessions to educate employees and stakeholders on cloud security best practices and policies.

• Collaboration and Communication: Collaborate with cross-functional teams, including IT operations, development, and business units, to integrate security into all aspects of the cloud lifecycle and communicate security requirements effectively.

• Continuous Improvement: Stay abreast of emerging threats, vulnerabilities, and security technologies in the cloud space, and recommend and implement improvements to enhance the overall security posture.

Qualifications:

• Bachelor’s degree in computer science, Information Security, or a related field; master’s degree preferred.

• Proven experience (2-3 years) working as a security engineer or architect, with a focus on cloud security.

• Strong understanding of cloud computing platforms (e.g., AWS, Azure, Google Cloud) and their security features and services.

• Hands-on experience with cloud security tools and technologies, such as cloud access security brokers (CASBs), cloud workload protection platforms (CWPPs), and cloud security posture management (CSPM) tools.

• Certifications such as Certified Cloud Security Professional (CCSP), or AWS Certified Security Specialty are highly desirable.

• Excellent analytical, problem-solving, and communication skills.

• Ability to work independently and collaboratively in a fast-paced environment.

• Strong commitment to maintaining the highest standards of security and compliance.

• Experience with scripting and automation (e.g., Python, PowerShell) for security tasks is a plus

Job Rewards and Benefits