COMPANY DESCRIPTION
ALTO Network is a leading payment infrastructure provider as well as the pioneer in payment solution by always bringing the most innovative and impactful technology to connect merchants or financial institutions with their customers to grow their businesses nationwide and beyond.
DESIGNATION : Enterprise Security Associate
RESPONSIBILITIES
- Develop and implement a comprehensive security strategy aligned with the organization's business goals and objectives.
- Collaborate with cross-functional teams to integrate security into the software development lifecycle (SDLC) and DevOps processes.Educate end-users about common cybersecurity threats, such as phishing attacks and social engineering, and promote security awareness to encourage safe computing practices.
- Evaluate emerging technologies and security solutions to enhance the organization's security posture.
- Implement encryption mechanisms to protect sensitive data at rest, in transit, and in use.
- Ensure secure storage and transmission of cryptographic keys and certificates.
- Implement continuous integration/continuous deployment (CI/CD) pipelines with built-in security controls and testing.
- Define security policies, standards, and procedures to ensure compliance with industry regulations and best practices.
- Risk/Findings audit to be fulfilled
- Ensure staff are informed and trained to support good corporate governance in their specific areas of work.
QUALIFICATIONS
- **Cybersecurity Principles and Concepts**: Understanding of foundational cybersecurity principles, including confidentiality, integrity, and availability (CIA triad).
- **Scripting and Programming**: Proficiency in scripting and programming languages such as Python, PowerShell, or Bash for automation, tool development, and exploit scripting.
- **Security tooling and automation frameworks** : Jenkins / GitLab CI/CD / AnsibleOrganizational security policies and procedures : endpoint security, including acceptable use policies, data handling guidelines, and incident response protocols.
- **EDR solutions** : provide continuous monitoring and real-time response capabilities to detect and mitigate advanced threats on endpoints.
- **Patch management processes and tools** : ensure that endpoints are up-to-date with the latest security patches and updates to address known vulnerabilities.
- **Programming languages** : Java / Python / C / C++ / JavaScript.
OTHER INFORMATION
- Minimum of 1 years of experience in information security roles, and IT Operation or SRE
- Bachelor's degree in computer science, information technology, or a related field.
- Master's degree preferred.Relevant certifications (e.g, CEH, Comptia Security +) preferred.