JOB DETAILS

JOB DETAILJob Details

・Design, test and implement security systems including hardware, software and integration related components.

・Analysis monthly SOC SIEM activity reports and handling Cyber Security Operation and Incident Response.

・Managed and coordinate with vendor on Endpoint Detect & Response (EDR) activities
output.

・Managed and coordinate with auditors on the compliance to maintain ISO/IEC 27001:2013 Information Security Management System (ISMS) Certification

• Conduct internal security assessment including penetration test, vulnerability assessment on network, application and information system to identify vulnerabilities and recommend corrective action.

・Perform periodic network, web application, mobile application, physical security reviews, social engineering tests, and other related cyber security practices.

・Assist with the coordination and performance of all third-party penetration testing projects, regulatory examinations, and other audits of information systems.

・Perform review and validation procedures for all findings noted by third-party testers related to network and web application security.

・Conduct detailed analysis of systems where breaches of critical IT infrastructure may have occurred and provide root cause analysis, impact assessments and rapid response to aid detection of those responsible and make recommendations to assist prevention of similar incidents.

・Assist Infrastructure and Application Teams with prioritization of patches and security fixes following the vulnerability assessment.

REQUIRED WORK EXPERIENCERequired

• A Bachelor's Degree, Post Graduate Diploma, Professional Degree, Computer Science & Information Technology or equivalent.

• Holding IT Security certifications such as CEH, CISSP, CompTIA Security+ or any other information security related accreditation would be added advantage.

• Candidates with any professional certification that covers Vulnerability Assessment & Penetration Testing will have an added advantage.

• Familiar with standards and requirements such as ISO27001, NIST, and Bank Negara RMIT will be an added advantage.

• Experience with SIEM systems and managing security logs.

• Experience with network OS, Windows/ Linux/ MacOS, communications protocols, firewalls, WAP, IPS/IDS systems, virtual environments, data encryption, and mobile penetration testing of IOS/Android systems

• Good understanding of the latest IT Security best practices, threat analysis, data privacy and risk policies especially covering Data Loss Prevention (DLP)