Describe your experience working in an Information Security team. What was your role and what contributions did you make?

In my previous role, I worked as part of an Information Security team where I was a Cybersecurity Analyst. My main role was to assist in the development and implementation of security policies and protocols. I also conducted regular security audits to ensure all systems were compliant with security standards. Additionally, I collaborated with the IT department and other teams to enhance security measures and prevent potential threats. I contributed by assisting in responding to security breaches and other cyber security incidents. During my time in the team, I also helped evaluate new security technologies and processes to enhance the overall security posture of the company.

During my time in the Information Security team, I worked as a Cybersecurity Analyst. My role involved developing and implementing security policies and protocols to ensure the protection of company data and infrastructure. I conducted regular security audits to identify vulnerabilities and recommended remediation measures to maintain compliance with security standards. Additionally, I collaborated with the IT department and other teams to enhance security measures, providing guidance on best practices. I actively participated in incident response efforts, assisting in the investigation and remediation of security breaches and cyber incidents. Furthermore, I contributed to the evaluation and implementation of new security technologies, such as intrusion detection systems and log management tools, to enhance the overall security posture of the company. My experience also includes conducting trainings and workshops to educate staff on information security protocols and awareness.

During my tenure in the Information Security team, I served as the Lead Cybersecurity Analyst, responsible for developing and implementing comprehensive security strategies and initiatives. My role involved conducting in-depth risk assessments to identify vulnerabilities and develop remediation plans. I led the implementation of ISO 27001/27002 framework, ensuring compliance with industry best practices. I also developed and delivered training programs for staff, increasing awareness of security protocols and reducing risks. In collaboration with the IT team, I successfully implemented an advanced log management system, enhancing visibility into potential threats and streamlining incident response. Additionally, I spearheaded the development of a secure coding framework, providing guidelines and training materials to ensure the integration of security practices into the software development lifecycle. These contributions resulted in a significant improvement in the company's security posture, reducing the number of incidents by 50% in the first year.