The Cybersecurity Systems Analyst is responsible in maintaining and improving the organization’s cybersecurity posture on an ongoing basis. S/he will work with external experts to implement security solutions, and work with vendors to monitor, detect and contain cybersecurity incidents to minimize impact to the organization.
• Review and development of security framework, information security policies, processes / procedures and guidelines on an ongoing basis
• Keep abreast of industrial IT security advancements and introduce appropriate security enhancements to IT infrastructure and systems
• Work with vendor to conduct security assessment and penetration tests
• Identify security gaps, perform threat risk assessments in current setup and propose mitigating measures
• Standardise and refine security incident response and escalation processes
• Mitigate and contain threats when detected
• Escalate security incidents and non-compliances on a timely basis
• Work with IT infrastructure team to evaluate, implement and enhance IDS/IPS, SoC, SIEM
• Monitor information security alerts triage, mitigate, and escalate issues as needed
• Conduct information security awareness training
• Provide security advisory to end users on regular basis
• IT Security Management of various aspect, e.g. network security, server security, application security, end point security, email security, physical access security, logical access security, etc.
• Degree in engineering, science or information technology, or equivalent education
• Preferable 5 years of related work experience in cybersecurity management and security governance
• Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), technical vulnerability management (vulnerability assessment, penetration testing), application security, security technologies (system hardening, IDS/IPD, firewall), security incident response and security assessment
• Strong understanding of ISO27001 standard
• Have understanding of Risk Management, Disaster Recovery, Business Continuity and IT Regulatory Compliance.
• Good command of written and spoken English
• Excellent interpersonal and communication skills
• Pro-active, independent, resourceful, able to work in a team environment and work independently with minimal supervision
• Work well with all functional levels in the organization
• CISA, CISSP or equivalent IT security certifications will be advantageous
• Prior IT security consulting experience will be advantageous
We regret only shortlisted candidate will be notified.