REQ11786 Analyst, Information Security (Open)
Position Summary
The Analyst, Security Architecture and Technology, Information Security drives the security architecture and technology review in order to identify potential risks. Evaluates the organization’s security postures in order to provide recommendation to the management team. Configures and troubleshoots security tools according to the company policy and best practices.
Primary Responsibilities
- Assists in strategic information security planning, based on industry-standard best practices to achieve business goals by prioritizing defence initiatives and coordinating the evaluation, deployment, and management of current and future information security technologies
- Administers cyber security tools on premise and cloud, such as DLP, Web Security Gateway, Vulnerability Management, Server Policy Compliance Management, PIM/PAM, IAM, Endpoint Management, AV, EDR, APT, CASB, Email Security etc.
- Participates in evaluating, planning, and implementing of new cybersecurity technologies and systems
- Creates, identifies, and enhances processes that may leverage new or existing technologies to improve protection or reduce risk
- Performs periodic and on-demand system audits and vulnerability assessments
- Participates in developing, implementing, and assessing data security procedures and controls to ensure compliance with applicable regulatory and legal requirements, such as SOX, and ISO27001, GDPR
- Participates in maintaining information security and risk management policies, procedures, and technical standards to support corporate objectives
- Remain informed on current standards, trends, and issues in the information security industry
Qualifications
Experience
- Minimum 3 years of relevant experience in Information Security and Cyber Security
- Experience with security tools such as DLP, Web Security Gateway, Vulnerability Management, Server Policy Compliance Management, PIM/PAM, IAM, Endpoint Management, AV, EDR, APT, CASB, Email Security etc.
- Experience with multiple operating systems security: Windows Servers and Clients, Linux, and Unix
- Solid understanding of network design, architecture, OSI model and TCP/IP
- Exposure to Cloud computing
- Knowledge of Web and application-based security
- Knowledge of encryption, such as PKI, SSL/TLS, Data at Rest
Education
- Bachelor’s degree in Management Information System, Computer Science, or related disciplines
- Certification in Information Security (e.g., CISSP, CISM, CISA, CCSP etc) will be considered as an advantage
- Security tools technical certificates from vendors will be considered as an advantage
Skills / Competencies
- Good communication skill on report writing and presentation
- Able to work independently and cope with result-oriented demand
- Effective organizational and time management skills required
- Well organized and detail-oriented on delivering the assigned task
- Commit and strong sense of responsibility to the role and the team
- Ability to identify, analyse and address problems to resolve issues whenever possible in a way that minimizes negative impact and risk to the organization
- Strong analytical skills/problem solving/conceptual thinking
Personal Competencies
- Displays a high commitment to delivering results
- Communicates effectively
- Achieves agreed objectives and accepts accountability for results
- Displays the highest level of integrity
- Ability to maintain discretion
- Self-motivated
- Approachable