Information Security Specialist

What we’re looking for:

iENGINEERING is seeking a knowledgeable and experienced Information Security Specialist to join the team. The ideal candidate will possess expertise in analyzing and identifying security issues with web applications and portals. As an Information Security Specialist, you will be responsible for ensuring the confidentiality, integrity, and availability of our organization's information assets by proactively identifying vulnerabilities and implementing appropriate security measures.

What you’ll be doing:

• Conduct thorough security assessments of web applications, portals, networks, and local machines to identify vulnerabilities, weaknesses, and potential threats.
• Develop and implement strategies to mitigate security risks and enhance the overall security posture of web-based systems.
• Collaborate with development teams to integrate security best practices into the software development lifecycle.
• Perform penetration testing and vulnerability scanning to identify and prioritize security issues.
• Stay up-to-date with the latest security trends, threats, and technologies to continuously improve security measures.
• Provide guidance and recommendations to stakeholders on security best practices and risk management strategies.
• Respond to security incidents, conduct investigations, and implement corrective actions as necessary.
• Document security policies, procedures, and guidelines to ensure compliance with industry standards and regulations.
• Conduct security awareness training sessions for employees to promote a culture of security awareness and compliance.
• Participate in the evaluation and selection of security tools and technologies to support the organization's security objectives.
• Seeking an ideal candidate for ISO 27001 and ISO 27701 to lead implementation, maintenance, and compliance of both information security management system (ISMS) and privacy information management system (PIMS) within the organization.

What you’ll bring along:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
  
• 3+ years of experience in ​the relevant field.
• CISSP, CEH, or similar certifications are highly desirable.
• Proven experience in information security, with a focus on web application security.
• In-depth knowledge of common web application vulnerabilities and secure coding practices.
• Experience with security assessment tools.
• Strong understanding of networking protocols, web technologies, and application architectures.
• Excellent analytical and problem-solving skills with the ability to think critically and strategically.
• Effective communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.
• Ability to work independently and collaboratively in a fast-paced environment.
• Strong commitment to maintaining the highest standards of integrity and confidentiality.

What we offer:

• A dynamic and collaborative work environment
• Opportunities to work on best-in-class technology solutions
• Competitive salary and benefits package
• Centrally located office in Blue Area, Islamabad
• A competitive compensation package
• 20 days of annual/sick leaves plus gazetted holidays
• An empowering culture with a high degree of freedom