Responsibilities
- Identify, investigate, and document security incidents.
- Perform security incident response and root cause analysis.
- Work closely with the managed security provider, vendors, information system owners or their representatives, and infrastructure technical staff on security incidents to perform incident handling and provide remedial actions
- Ensure all security solutions are working and comply with policy and procedures. Respond to and remediate any service outages in a timely manner, with customer satisfaction as the priority
- Provide support on issues relating to security solutions (e.g., endpoint security solutions, data loss prevention solution, SIEM solution, web proxy, intrusion detection system and advanced threat detection systems)
- Perform monthly governance review on incident and sensitive administrative activities
- Prepare and deliver monthly and ad-hoc security incident reports
- Review and update cybersecurity standard operating procedure.
Requirements
- Degree in IT / Computer Science or equivalent
- Experience in security operations and security operations center
- Knowledge of networking and the Windows operating system
- Knowledge of vulnerability & compliance scanning
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) or ITIL certification will be an added advantage
- Able to provide 24 x 7 standby support on a rotation basis