About the job

Company Description

Fonepay is Nepal's first mobile payment network licensed by the Nepal’s central bank as a Payment System Operator (PSO). We are a Payment Processing Network facilitating inter-bank person-to-person (P2P) and person-to-merchant (P2B) transactions through our interoperable network and mobile platform. Our network connects over 63+ partners with over 18 million+ registered customers and 1 million+ merchants in Nepal. Fonepay QR is EMV compliant, which is the most widely accepted standard for QR payments. 

Role Description

This is a full-time on-site role for an Information Security Analyst located in Lalitpur. The Information Security Analyst will be responsible for ensuring the security of our systems and networks, monitoring and analyzing security incidents, implementing security measures, conducting vulnerability assessments, and creating incident response plans. He/She shall assist in conducting internal and external security audits, ensuring compliance with regulatory requirements and industry standards.

Job Description

• Monitor and analyze security logs, events, and alerts from various systems, such as intrusion detection/prevention systems, firewalls, security information and event management (SIEM), WAF, EDR, XDR, PAM solutions
• Coordinate with various teams, including IT, network, and application teams, to ensure timely response and resolution of security incidents and vulnerabilities.
• Assist in implementing system hardening measures.
• Assist in conducting vulnerability assessment and penetration testing (VAPT).
• Assist in conducting internal and external security audits, ensuring compliance with regulatory requirements and industry standards (e.g., ISO 27001).
• Assist in performing risk assessments to identify and evaluate potential security risks and vulnerabilities.
• Assist in the development and delivery of security awareness programs and training sessions to educate employees about security best practices and promote a culture of security awareness.
• Continuously evaluate and improve the organization's security controls, processes, and practices to enhance the overall effectiveness of the information security program.
• Stay updated with the latest security threats, vulnerabilities, and industry trends, and proactively identify emerging threats that may affect the organization's security posture.
• Others as per assigned by the supervisor and company requirements.

Qualifications

• Proficiency in monitoring various security tools and technologies, such as SIEM, IDPS, Firewall, network security devices, DLP solutions, PAM solutions.
• Familiarity with threat intelligence concepts and sources.
• Knowledge in ISO 27001 compliance and PCI DSS requirements.
• Strong communication skills to effectively communicate technical concepts to both technical and non-technical stakeholders.
• Strong analytical skills to assess complex problems, identify patterns, and derive meaningful insights from data
• Atleast 3 years of Experience in implementing and managing security systems
• Knowledge of security standards and best practices
• Must have Bachelor's degree in Computer Science, Information Technology, or related field

Interested candidate are requested to apply before 14 June, 2024 via LinkedIn or via career page https://career.f1soft.com/jobs/ISA