Security & Controls Specialist - Amman, Jordan
Avertra is a global integration services, product development and consultancy organization focused on the energy and utilities industry. We attract and hire the industry’s most innovative and experienced problem solvers, each dedicated to our mission of helping our clients realize the full value of their investments in IT and in Avertra.
Avertra’s industry-leading process knowledge and technology expertise combined with influences from consumer-centric industries has resulted in the genesis of our innovative User Xperience Unification (UXU) framework, which is available throughout our MiUtility platform of solutions for:
-Call center optimization
-Omni-channel customer engagement
-Mobile work force management
-Meter reading
And much more!!
POSITION OVERVIEW
The Security and Controls Specialist is the primary individual responsible for ensuring that Avertra’s security program is carried out across the organization.
JOB RESPONSIBILITIES
- Conducts network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, SIEM, NAC, Vulnerability Management tools, and Host Based Security System (HBSS), etc.
- Correlates activity across networks, applications, and systems to identify trends of unauthorized use or opportunity for misuse
- Reviews alerts and data from sensors and documents formal, technical incident reports
- Researches emerging threats and vulnerabilities to aid in the identification of incidents
- Analyzes data from threat and vulnerability feeds and analyzes data for applicability to the organization
- Identifies and resolves false positive findings in assessment results
- Performs compensating controls analysis and validates efficacy of existing controls
- Generates reports on assessment findings and summarizes to facilitate remediation tasks
- Develops and enforces computers, software, switch and routers security standards
- Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies
- Recommends improvements to the Information Security Program to the Information Security Officer
- Plans, develops, and executes vulnerability scans of organization information systems
- Ensures compliance with all applicable configuration standards
- Manages enterprise vulnerability assessment and configuration assessment tools
- Recommends security controls and/or corrective actions for mitigating technical and business risk
- Produces vulnerability, configuration, and coverage metrics and reporting to demonstrate assessment coverage and remediation effectiveness
NEEDED COMPETENCIES
- Technical expertise in analyzing threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers
- Technical expertise in system security vulnerabilities and remediation techniques, network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, etc.)
- Technical expertise in security engineering, system and network security, authentication and security protocols, cryptography, and application security
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- An ability to effectively influence others to modify their opinions, plans, or behaviors
- An understanding of business needs and commitment to delivering high-quality, prompt, and efficient service to the business
- Ability to speak and write clearly and accurately
QUALIFICATIONS
- Degree in Computer Science, Information Technology, or any related field
- At least 5-8 years of experience in IT Security, Controls, or Auditing
- Excellent English
- Able to interact with internal and external customers remotely via phone or conference system
- Must possess a minimum of intermediate skill level with MS, Word, Excel and PowerPoint.
- Knowledge of relevant software computer applications and systems
- Effective listening skills
- Multi-tasking capabilities