System Admin / Security Engineer
Tile Mountain, Pakistan
Job Description
Our company is looking for an experienced System Administrator and Security Engineer to support the development of the
business.
System Admin:
It is a varied role, meeting the needs of a changing, rapidly expanding business.
Reporting to the IT Director. This role is based in our Islamabad office. Supporting the development office in Islamabad and also the offices in the UK.
You will be responsible for a broad spectrum of technologies including firewalls, networking, WiFi, VPN’s, Network Security, WSUS, Group Policy, backup systems, Hyper-V, Linux servers, Ubuntu, Imaging Softwares, FreePBX, MySQL, MSSQL. Ubiquiti, Magento, Azure, AWS, Print Servers, Veeam, System Monitoring Tools (Grafana, Jet Profiler, kibana).
Security Engineer :
Security Enginer who is an expert in data and system security and have a good understanding of GDPR.
Lead the enterprise data engineering security development practices to ensure that information protection requirements and associated security controls are integrated into the platform
Recommend the appropriate technology patterns to ensure Data Engineering's compliance and conformance across all data security and privacy category standards
Architect and implement workflows for data access and baseline activity logging and monitoring services.
Establish and maintain specification policies to drive data masking, anonymization, encryption, and de-identification mechanisms within applicable environments
Lead the design & build of specifications/guidelines to set up test data sets with appropriate scrambling and encryption.
In alignment with GDPR, manage and operationalize the appropriate process and technology to be in alignment with companies’ data retention and disposal policies, procedures
Facilitate risk escalation, exception processes, and development of remediation plans when security standard alignment is not possible
Provide continual education to the Data Engineering organization on company and industry leading security and privacy practices
Execute and review regular scanning of existing databases, file shares, SharePoint sites and other data repositories for sensitive data.
Document findings; engage stakeholders and risk management partners on acceptable remediation approaches; and track repeat offenders over time.
Administer assigned security systems, in accordance with appropriate policies, SLAs, and directions from leadership.
Vet and fulfill requests for exceptions to security policies/standards related to protecting data at rest on premises or in the cloud.
Job Specification
System Admin :
1y+ previous commercial experience as a systems administrator or similar role.
In depth understanding of network security best practices.
Microsoft Server 2016 platform design, delivery and support
Networking design, build theory and practical experience
Monitor systems performance and functional operations.
Monitor and maintain the data storage environments.
Experience in System Engineering including managing multi-site Active Directory environments,
Windows Servers, IIS, MSSQL.
Experience with Backup and Recovery systems
Security Engineer :
Extensive Knowledge of data security standard methodologies for structured and unstructured data repositories
Hands-on experience with data protection technologies (i.e. data loss prevention, encryption, data-masking, rights management, and database activity monitoring).
An understanding of the business requirements process used to effectively identify and apply security controls.
Experience designing and implementing security solutions for data-oriented platforms. This includes the implementation of encryption, redaction, masking or anonymization schemes
Strong knowledge and understanding of current business continuity and disaster recovery planning techniques and technologies, as well as the methods used in performing risk analyses and business impact analyses
Extensive experience in working with data-intensive applications and infrastructures
Solid understanding of data governance and data life cycle management practices.
Risk Certifications a plus (CISSP, CRISC, other Risk Management certifications)
"Must speak excellent english"