JOB DESCRIPTION- MANAGER IT & ISMS: 

Responsible for creating and maintaining security documentation for CRI Group Systems, verifying that systems are hardened and patched, monitoring system security controls, handling security incidents and auditing for policy compliance.  Responsible for implementing new security functionality and making system changes to security servers and devices.  Plans, coordinates and implements security measures to safeguard information against unauthorized modification, destruction or disclosure. Monitors and audits network and servers to detect and prevent unauthorized access to CRI Group Systems. Position holder will be responsible for;

Core Responsibilities

• Perform server administration tasks, including user/group administration, security permissions, group policies, printer & scanner services, research event log warnings, errors and resource monitoring, ensuring system architecture components work together seamlessly.
• Serve as the subject matter expert supporting MAC OSX, Windows and all office software and applications such as Microsoft, Office 365, Adobe and G-Suite products.
• Maintain internal infrastructure requirements including installation, configuration and troubleshooting of laptop, computers, servers, routers, switches, firewalls, printers, exchange(pabx), security protocols, internet, intranet, LANs, WANs and network segments.
• Responsible for administration of Firewalls, Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), Application Firewalls, Security Information and Event Management systems (SIEM), Remote User Access (VPN), Web/URL Filtering systems, Application Security Testing systems, Authentication systems and Proxy systems.
• Performs vulnerability scans on a routine basis as well as for all new system installations in accordance with Vulnerability Scans and Configuration Control procedures.
• Installs, configures and monitors remote access control systems such as Virtual Private Network (VPN) and SSL-VPN products.
• Routinely reviews security, vendor and other available sources for newly discovered vulnerabilities or newly released patches that should be applied to CRI Group’s Systems.  Advises other system administrators of these vulnerabilities and assists them as needed in securing their systems.
• Performs and/or coordinates internal and external audits and penetration attempts to ensure perimeter devices and internal servers are hardened properly.
• Ensures appropriate authorization and access controls are in place.
• Maintains and document network architecture and access control.  Participates in design, installs, configures and maintains network devices and network access control systems.  Monitors and troubleshoot network issues.
• Creating network firewalls and ensure that is updated.
• Configuring user profiles and creating users/group permission in domain
• Sharing and Mapping of network and shared folders/drives.
• Managing active directory, Domain and DHCP
• Installation, upgradation, troubleshooting and management of IT inventory including but not limited to computers, PABX, printers, scanner, server, cctv etc.
• Routinely reviews security, vendor and other available sources for newly discovered vulnerabilities or newly released patches that should be applied to CRI Group’s Systems To frequently conduct risk assessment and share the report with senior management
• Perform Internal audits of the systems, including all backups to comply with the protocols of information security management system
• Conduct high level root-cause analysis for service interruption and establish preventive measures.
• Coordinate with IT development team during the functional design phase of development efforts to ensure new applications meet appropriate security requirements.
• Maintain logs of CCTV, System Maintenance, Internet Performance & proxy management. Prepare and share the reports on monthly basis with management.
• Conduct Awareness sessions on ISMS to train and educate employees regarding information security
• Ensure proper compliance of all department policies with respect to company’s requirements.
• Conducting internal audit every quarter and also handling external ISMS audit
• Keep abreast of new technologies and upgrade systems accordingly.
• Responsibilities and duties of the position holder can be modified according to the need and requirements of the Company and work.
• Following current and prospective ISO Standards, policies and procedures.
• Carrying out any other task and assignment given by the supervisor and the management

Job Specification

• Bachelor’s in computer science or Information technology
• 5-8 years of relevant experience.
• Having CompTIA A+ Certification / CompTIA Network+ Certification/ CompTIA Security+ Certification/ Cisco CCNA Certification/ Cisco CCNP Certification will be a plus.

 Skills Required:

• Collaboration and teamwork: willing to work in a small team and multitask when required
• Flexible and adaptable to work effectively in our fast-paced environment.
• Problem solving & decision making skills
• Proactive & have eye to details
• Critical thinking