Information Security Specialist

Job Title: Information Security Specialist
Job Family: Technology Operations
Report To: Information Security Team Leader
Subordinates: None

Company Overview

Eastnets is a leading player in the B2B fintech industry. We are a global provider of compliance and payment solutions for the financial services sector. Our experience and expertise help ensure trust at 800 financial institutions across the world, including 11 of the top 50 banks. For more than 35 years, we’ve worked to keep the world safe and secure from financial crime. We do it by helping our partners manage risk through sanction screening, transaction monitoring, analysis, and reporting, plus market-leading consultancy and customer support. Have a look at our website here: www.eastnets.com.

Job Description

The Information Security Specialist is responsible for the administration and maintenance of diverse security systems, including EDR, SIEM, and vulnerability management.

This role involves monitoring system performance, promptly responding to security incidents, conducting vulnerability assessments, and collaborating with infrastructure teams for seamless integration. The Information Security Specialist plays a crucial role in incident handling, from detection and analysis to post-incident measures. Additionally, they stay informed on the latest security threats, evaluate new technologies, and enforce enterprise security policies, contributing to the overall enhancement of the company's security posture.

Responsibilities & Duties

Security Systems Administration:

• Administer and maintain various security systems, such as firewalls, intrusion detection/prevention systems, EDR, SIEM, vulnerability management systems, and data loss prevention systems.

• Monitor the performance and availability of security systems, ensuring they are up to date and functioning optimally.

• Collaborate with the IT team to integrate security systems into the overall IT infrastructure.

Ticket Resolution:

• Respond to security-related tickets and incidents promptly and effectively.

• Investigate and resolve security issues, working closely with other IT teams as necessary.

• Document and maintain a record of incident response activities, including root cause analysis and remediation steps.

Vulnerability Management:

• Perform vulnerability assessments on systems and networks.

• Identify and prioritize vulnerabilities based on risk assessments.

• Collaborate with system administrators and developers to remediate vulnerabilities in a timely manner.

Incident Handling:

• Detect, analyze, and respond to security incidents, including malware infections, unauthorized access attempts, and data breaches.

• Participate in incident response efforts by being part of the incident response team and working closely with other stakeholders.

• Conduct post-incident analysis and implement measures to prevent similar incidents in the future.

Research and Evaluation:

• Stay updated on the latest security threats, vulnerabilities, and industry best practices.

• Research and evaluate security solutions, tools, and technologies to meet industry standards and enhance the company's security posture.

• Provide recommendations for implementing new security controls and improving existing ones.

Policy Enforcement and System Hardening:

• Implement and enforce enterprise security policies and procedures.

• Assist in defining security standards and guidelines.

• Conduct system hardening activities, including configuring and maintaining secure baseline configurations for various systems and applications.

• Maintain the security of the information, devices, and systems that Eastnets and its personnel, customers, and partners use.

• Protect Eastnets business information and any customer, supplier, or partner information within its custody by safeguarding its confidentiality, integrity, and availability.

• Adhere to and comply with Eastnets internal security policies, Code of Ethics, Non-Disclosure Policy, Non-Compete Policy, Email Policy, Proprietary Rights Acknowledgement, Background Check Policy, and all other internal policies and employee handbook.

• Participate in the company-wide initiatives.

Qualifications

• Bachelor's degree in Computer Science or a related field.

• 2+ years of experience in cybersecurity or IT audit roles, preferably in the financial sector.

• Full professional proficiency in English.

• Proven experience in security systems administration and incident response.

• Security+, CEH, CISSP, CISM, and product-related certificates would be a plus.

• SWIFT CSP Assessor certification (e.g., SWIFT Independent Assessment Framework trained).

• Strong understanding of SWIFT messaging systems and network architecture.

• Hands-on proficiency in conducting assessments and preparing compliance reports.

• Familiarity with AI technologies and their application is a strong plus

Back to all roles