Information Security Analyst  
Interactive Group of Companies   More jobs from this company

  Email this job
Job Details Back to Job Listing
Job Title:   Information Security Analyst
Category:   Networking
Total Positions:   1
Job Location:   Islamabad
Gender:   No Preference
Minimum Education:   Bachelors
Degree Title:   Bachelors in Computer Sciences, Information Technology or related field
Career Level:   Experienced Professional
Minimum Experience:   2 Years3 Years
Apply By:   Feb 17, 2020
Job Description:

Purpose of the Job:

To performs & analyze all procedures necessary to ensure the safety of information systems and to protect systems from intentional or inadvertent access or destruction under the limits of ISO 27001, ISO 27005, ISO 27017 and organizational SOPs.

Functions & Responsibilities (duties to be performed by this position)

Information Security Management and Operations

  • To Identify and analyze risks related to information security, update risk register in order to evaluate risk levels.
  • To prepare risk treatment plan as per the procedure, implement the approved treatment plan in order to reduce the risk to an acceptable level.
  • To monitor the information security controls in order to ensure compliance as per the policies and procedures of the organization.
  • To report the information security incidents, identify the root cause analysis, suggest corrective and preventive action plan, implement the approved treatment plan in order to minimize the impact on business services and prevent future occurrence of the same incident.
  • To Implement, monitor and suggest the improvements in information security management in order to ensure compliance as per the service management standard.
  • To prepare and maintain policies & procedures as per standard requirements and as per management directions, enforce policies and procedures in the company through compliance reviews in order to maintain & implement IS standards in the company.
  • To Manage & provide technical support for Symantec end point protection including application & database security, backup & recovery, patches and upgrades and resolving all other problems related to AV in order to ensure smooth service delivery.
  • To take regular backups of the tools, Data under the ownership of IS Team in order to ensure business/service continuity in case of incident/disaster
  • To resolve issues received through OTRS with respect to ERP role based security and Symantec and plus connectivity issues (level-2 support) in order to keep the services uninterrupted for internal clients.

Access Management

  • Create & assign security roles to the employees as per the requirement initiated by the approved authority in order to implement role based security in ERP for segregation of the duties as per the company procedures.
  • Troubleshoot all ERP security related issues faced by the end users and resolve tickets as per the agreed OLA in order to ensure smooth operations of ERP.
  • Enable and disable user accounts on joining and exits in order ensure access rights management as per the policy.
  • To grant access of different privileges on several production systems to a user depending on the department requirements.
  • To review the roles assigned to the employees in order to monitor and verify access rights management as per the policy

Audit Management

  • To coordinate & prepare external audit for third party audit, develop action items as per external audit report for the remediation of Non-Compliance in order ensure compliance with standards.
  • To prepare internal audit plan and discuss with supervisor, intimate relevant stakeholders, conduct internal audit, prepare audit report, develop action items/recommendation in order to prepare internal systems for external audit

Proof of Concept

  • To conduct Proof of concept environment, deploy the product/process, give demos to client and coordinate with vendors in order to ensure deployment as per company and client requirements.


  • To prepare and conduct information security awareness training session in order to ensure employees awareness regarding Information Security
  • Any other task assigned by Supervisor. 

Required Skills and Knowledge Areas:

  • Information Security Management
  • Information Security Operations
  • Information Security Standards
  • Documentation & Reporting
  • Penetration Testing
  • Disaster Recovery
  • Risk Management
  • Auditing

 Technical Skills:

  • OTRS
  • ISO 27001 
  • ISO 27005
  • ISO 27017
  • Symantec
  • SOC tools
  • Nessus or similar tools
  • Wireshark
  • ERP Security
  • MS Office

Interpersonal Skills:

  • Stress Management
  • Time Management
  • Communication Skills
  • Client Management
  • Counseling Skills
  • Decision Making


Company Information
Company Name:  Interactive Group of Companies
Company Description:
pHarnessing the synergies of over Seven hundred team members whilst maintaining an international presence, Interactive has actively led Pakistan's Telecommunications and Information Technology industries for a quarter of a century. We have proudly served a prestigious portfolio of clientèle, spanning a wide range of verticals in the Public & Private sectors. Interactive offers turnkey solutions for your automation, hosting, storage, connectivity and security needs, covering the complete suite of technology services including consultancy, design, implementation, operations and maintenance, technical support and training. At Interactive, our people are our strength. We pursue a tradition of continuous improvement in a permanent quest to acquire new competencies and in-depth knowledge in our areas of expertise. We have earned our value through progressive effort and extensive industry experience. We share your goals to employ the power of technology to transform your business./p

Copyright 2020, PAF Karachi Institute of Economics & Technology. All Rights Reserved