Senior Infrastructure Specialist
• Conduct and assist in carrying out Internal Audits and investigations that will provide reasonable assurance to Executive Management, the MSC Board, Management and the Audit Committee regarding the adequacy and effectiveness of the risk management and control framework operating within the business.• Identifying IT related risks throughout areas including perimeter, network, host, application, data and physical security. • Performing controls review to verify compliance with ISO 27001• Conducting Audits of Security Operations Center, data centers, to assess controls and ensure Confidentiality, Integrity & Availability. • Reviewing information security policies, incident response plans, change management, vulnerability management, patch management as they apply to various facets of the infrastructure in scope. • Performing external and internal penetration tests, network vulnerability assessments to provide a comprehensive view of the client’s network weaknesses that are exposed to threats. • Identify and review the various preventive, detective and corrective security controls techniques in place, the processes and operational procedures that are being implemented to meet the strategic goals of the business. • Participating in technology identification, acquisition, testing and implementation.• To improve the control environment and processes through agreeing viable recommendations with the business and ensuring implementation through follow up on progress.• Compile Audit Planning Memos, Working Papers, Schedules of Preliminary Findings, Draft and Final Reports within the timescales agreed with the Operational Audit Manager/Head of Internal Audit.