- Provides expertise on security technologies and innovative security concepts, and works toward enhancing the resilience of security operations.
- Provides security consultancy and advisory for new projects and ongoing security operation.
Monitor security systems - Perform audits, reviews, security control assessments, and tests of security operations based on established schedules - Perform real time analysis and trending of security log data from various security systems - Analyse security event data to identify suspicious and malicious activity - Provide inputs to improve security monitoring rules and alerts - Document processes related to security monitoring
Maintain security operations - Implement security protocols - Create emergency response procedures - Maintain data sources feeding the log monitoring system - Schedule security checks in accordance with reporting schedules - Prepare periodic status reports for presentation to management
Respond to security incidents - Review security incident reports - Evaluate the type and severity of security events - Assist with establishing procedures for handling detected security events - Provide status updates during the life cycle of an incident - Create final incident report detailing the events of the incident - Support the maintenance and update of business recovery/contingency plans and/or procedures
Provide user support - Respond to user requests for technical assistance - Assess incident severity - Set clear user expectations on issue resolution - Update users on changes in status during issue resolution - Manage user accounts
- Diploma/Degree in Computer Science, Engineering or equivalent.
- Minimum 6 years of experience in IT Security.
- Experience in managing identify access management.
- Good technical knowledge/experience in active directory.
- Hands-on experience in managing security operations.
- Experience in security technology like firewall, IPS, WAF, endpoint.
- Knowledge of Cyber Security Laws, Personal Data Protection Act, Industry standards and information security policy framework.
- Certified Information Security Systems Security Professional (CISSP) or GSEC will be advantageous.
- Good team player with strong communication skills with project teams, stakeholders, senior management, and contractors including both technical and non-technical personal.