A global solutions provider focused on Healthcare ICT and mobile workflow solutions. Headquartered in Switzerland, our business spans across 18 countries, and has been supporting the healthcare industry for close to 160 years by providing them with technology to enable them to support their communities
Global ICT Security Engineer located in Florence, is a position within the ICT group. The main purpose of this position is to ensure that Ascom constantly maintains high digital security to build innovative solutions that protect against the latest, most advanced cyber threats.
What are the job responsibilities?
- Planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization’s data, systems, and networks
- Responding to system and/or network security breaches
- Troubleshooting, testing, and identifying network and system vulnerabilities
- Ensuring that the organization’s data and infrastructure are protected by enabling appropriate security controls
- Implement and support advancing “Ascom Cybersecurity” strategy
- Establishing good documentation standards to preserve the traceability and serviceability of delivered security and solutions.
- Pro-actively work with business units to remediate security issues and secure infrastructure architectures in hybrid and multi-cloud environments and projects
- Making progress every day and having a strong sense of ownership!
- Bachelor’s or Master`s degree in Computer Science/Cybersecurity/Computer Engineering or a related field with 5+ years’ experience
- Strong understanding of security audit methodologies and requirements pertaining to information security, privacy and/or data security
- Proficient knowledge of NIST-CSF (National Institute of Standards and Technology Cybersecurity Framework)
- Proficient knowledge of ISO 27001 framework, GDPR experience preferred
- Familiar with Healthcare & HIPAA Framework and the HITRUST CSF (Health Information Trust Alliance Cybersecurity Framework)
- Familiar with the SA Cloud Controls Matrix (Cloud Security Alliance - CSA)
- Proficient knowledge of Cloud security control requirements, cybersecurity standards, policies, and frameworks
- One or more of the following security industry certifications preferred: “CISSP”, “CISM”, “CISA”, “GXPN”, “CEH”
- Proficient in one or more of the following cybersecurity/vulnerability tools: NESSUS, OWASP, ACAS, SCC, NMAP
- Experience reviewing security scans and remediating vulnerabilities (Malware analysis, Threat hunting, Vulnerability scans, etc.)
- Proficient knowledge of
- Penetration Test techniques
- Cisco Firewalls, Splunk, Cisco ISE, AMP Endpoint Protection
- O365 Security, AWS / AZURE Cloud Security
- Email Security (DKIM, SPF, DMARC), “ProofPoint”, DLP
- SSL Decryption, Shell Scripting, , “Powershell”, PKI Certificate Management
- SIEM logging and infrastructure monitoring systems
- Encryption techniques to secure information at rest and in transit
- Good knowledge in ICT Infrastructure Engineering and architecture in hybrid environments
- Experience in project management, project teams, process improvement and knowledge sharing
- Very good English language skills