Responsibilities:
Auditing and reporting on established security operational reports.
Monitor MDR and EDR escalations for alerts.
Monitor external security rating portals, such as BitSight, for threat findings and triage issues until resolution.
Ensuring 2FA/MFA (2-factor or multifactor authentication) policies are enforced and current
SSL/TLS certificate audits (public-facing web servers, RDP servers and Kubernetes)
Auditing and reporting on all external and internal web services to ensure they are secure using scanning tools
Work with external vendors to provide an annual external/internal pentest, triage risk assessment, and recommendations.
Work with the development group to ensure best practices are in place for web applications (CORS, CSP, reverse proxy, SQL injection, etc.) and sensitive data (credit card, health care data, personally identifiable information)
Communicate the benefits of cybersecurity diligence to ensure cybersecurity stays on the organization's radar and champion all related efforts going forward.
Work with the ISO 27001 team to maintain and improve documentation and processes.
Work with Operations and Infrastructure teams to ensure operational security compliance (Windows Server/Windows updates, Sophos AV updates, etc.).
Manitoulin Group of Companies
https://careers.smartrecruiters.com/ManitoulinGroupOfCompanies