Cyber Security Analyst (SIEM) Salary up to $5,000
The Cyber Security Analyst works as an expert resource to provide IT or cyber security operational services which deliver market leading functionality, support globalization of tools and processes, and support regulatory, IT Security best practice, policy and business requirements.
- Maintain, administer and operates one or more on-premise or cloud-based information/cyber security tools and processes for the following:
- Privileged Access Management (PAM)
- Data Leak Prevention (DLP)
- Cyber Security Incident Response (IR)
- Security Incident and Events Management (SIEM)*
- Endpoint Detection and Response (EDR)
- Intrusion Detection/Prevention (IDS/IPS)
- Hardware Security Module (HSM)
- Multi-Factor Authentication/One-Time-Password (MFA/OTP)
- Firewall/Network Security Policy Management
- Manages security risks and performance
- Support the design and evolution of information security tools and processes
- Works in partnership with other members of the team to support and drive the direction and development of the function
- Administrate and maintain (PAM) tool
- Review and manage (DLP) alerts and (DLP) rulesets. Manage and administrate the (DLP) tool.
- Manage and track the status of all security incidents reported, investigate and contain security incidents using (SIEM), (EDR) and (IDS/IPS) tools
- Administrate and maintain (HSM) and (MFA/OTP) systems.
- Assess and review firewall, network, proxy requests within policy management workflow to support its implementation
- Patching and monthly maintenance of security tools and supporting systems
- Review, update and maintain documentations and internal procedures.
- Provide regular management reports, and incident reports where required
- Timely remediation of vulnerabilities or issues
- Ensure that IT risks taken in own areas of work are controlled within approved limits.
- Manage security projects and implementations to mitigate IT risks and comply with MAS or audit requirements
- Assess and review existing processes/baselines and security measures to ensure they are working effectively
- Providing advice and consultancy where needed.
Nature of Work
- Driving the IT security service to provide effective, timely, sustainable service to customers and to embed in daily operations
- Confirming that all services operated are policy compliant and any issues identified are resolved / escalated in a timely manner to ensure no control gaps
- Responding knowledgeably and with confidence to any challenge or enquiry in relation to the information security mandatory controls
- Contributing to the resolution of identified control weaknesses.
- Driving tools functionality to deliver target availability and meet policy expectations
- Driving effective and efficient use of existing tools, processes, licenses and resources
- Defining, automating and reporting to track progress/performance against overall functional strategy and plan
Risks & Controls
- Identify, own and manage the specific key risks and/or IT controls and BP standards that you are identified as the owner and/or nominee for on iCARE or Archer
- Ensure that issues and actions associated to controls / risks are remediated in a timely manner
- Maintain appropriate records on iCARE or Archer
- Ensure that controls are sufficiently well designed and operating effectively to keep the risks that they mitigate within Aviva's tolerance level
- Report and escalate the status of the relevant risks, controls and standards as appropriate
Resource and Expertise
- Accountable for working within policy and guidelines, applying technical knowledge and expertise and prioritising own use of time
- Keep abreast of information security frameworks and methodologies (e.g. NIST, ISO 27001, PCI DSS) and other information security related best practice appropriate to your role
- Familiar with regulatory requirements such as MAS TRM and PDPA
- Accountable for solving problems and dealing with difficulties in line with policy, process and other guidelines applying technical knowledge and expertise
- Depending on the nature of the specific role, problems can range from repetitive daily issues to complex technical problems requiring significant expertise
- Escalate problems according to guidelines
- Support front line staff by giving advice or by taking on accountability to resolve more complex problems
- Accountable for recommending change based on expert know-how and analysis of precedent and similar previous problems
- Support change in the team
- Take personal initiative in adapting to change
- Build effective working relationships across relevant teams in CISO and other IT functions
- Share recent insights and lessons learnt with the wider community through active participation in community discussions.
- Where required, build effective working relationships across relevant teams in external suppliers
- Seek opportunities and attend external and internal seminars / training sessions that would enhance professional development and deliver business value
- Technical certifications (desirable)
- CISSP (preferred)
Interested applicants, please Email [Click Here to Email Your Resume]
Jane Ng Wei Ling
Recruit Express Pte Ltd
EA Licence No: 99C4599
We regret that only shortlisted candidates will be contacted.
Recruit Express Pte Ltd