We are looking for a Cyber Security Senior Analyst, responsible for overseeing day-to-day IT security operations and to enhance, develop and implement the information security strategies and related policies within the organizations.
Degree in Infocomm Security, Cyber Security, Information Technology, Computer Engineering or Computer Science;
At least 3-5 years of working experience in designing, deploying, managing enterprise-level security infrastructure platforms, database and system servers;
Knowledge in Cloud security and cybersecurity frameworks like NIST, ISO27001, CSA, PDPA and Essential 8;
Strong hands-on experience on security operations, patching, hardening of networks and servers, vulnerability scanning, penetration testing, incidence response;
Experience in implementing security solutions such as SIEM, PAM, DAM, IDP, IDR, DLP;
Knowledge in Cloud, Web infrastructure security and compliance;
Excellent communication and interpersonal skills, and able to work well with cross-organizational teams;
Strong analytical & problem-solving skills.
Working experience in SIEM and SOAR;
CISSP / CISM / CISA certifications.
Responsible to design information security, protection and management framework, guidelines and best practices for the organization;
Provide security governance, enforcing cyber security risk assessment and risk acceptance;
Review, endorse, align and ensure information security compliance with proper risk management and migration plans;
Involved in cyber security compliance and controls, self-assessment processes and documentation related tasks;
Responsible to facilitate in the forum discussion to establish the information security goals and to develop appropriate cyber security risk assessment and risk acceptance;
Work closely with internal stakeholders and vendors to establish and monitor the security policies, standards and procedures in line with the organization's cyber security directions;
Lead implementation of enterprise security improvement programs;
Provide advisory and technical consultancy on the appropriate cyber security solutions and technologies to be deployed;
Engagement with industry and conduct technology scans on the latest information security products and technologies.