Systems Analyst, Cyber Security & IT Governance
The Cybersecurity System Analyst is responsible in maintaining and improving the organization’s cybersecurity posture on an ongoing basis. S/he will work with external experts to implement security solutions, and work with vendors to monitor, detect and contain cybersecurity incidents to minimize impact to the organization.
- Review and development of security framework, information security policies, processes / procedures and guidelines on an ongoing basis
- Keep abreast of industrial IT security advancements and introduce appropriate security enhancements to IT infrastructure and systems.
- Work with vendor to conduct security assessment and penetration tests.
- Identify security gaps, perform threat risk assessments in current setup and propose mitigating measures.
- Standardize and refine security incident response and escalation processes.
- Mitigate and contain threats when detected.
- Escalate security incidents and non-compliances on a timely basis.
- Work with IT infrastructure team to evaluate, implement and enhance IDS/IPS, SoC, SIEM.
- Monitor information security alerts triage, mitigate, and escalate issues as needed.
- Conduct information security awareness training.
- Provide security advisory to end users on regular basis.
- IT Security Management of various aspect, e.g. network security, server security, application security, end point security, email security, physical access security, logical access security, etc.
- Attend to any other reasonable duties as assigned by the Cyber Security & IT Governance Manger and IT Director.
- Degree in Engineering, Science or Information Technology, or equivalent education.
- Preferable 5 years of related work experience in cybersecurity management and security governance.
- Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), technical vulnerability management (vulnerability assessment, penetration testing), application security, security technologies (system hardening, IDS/IPD, firewall), security incident response and security assessment.
- Strong understanding of ISO27001 standard.
- Strong background on the following IT Security Tools:
- Next Generation Firewall (e.g., FortiGate, Palo Alto, Cisco FirePower)
- Tenable Security Center Continuous View
- Endpoint Protection (e.g., Symantec, Trend Micro, Sophos Endpoint)
- Email Security (e.g, FireEye ETP, Cisco Email Security)
- Data Loss Prevention (e.g., Symantec, ForcePoint, Digital Guardian)
- SIEM (e.g., Splunk, QRadar)
- Have understanding of Risk Management, Disaster Recovery, Business Continuity and IT Regulatory Compliance.
- Good command of written and spoken English.
- Excellent interpersonal and communication skills.
- Pro-active, independent, resourceful, able to work in a team environment and work independently with minimal supervision.
- Work well with all functional levels in the organization.
- CISA, CISSP, CISM or equivalent IT security certifications will be advantageous.
- Prior IT security consulting experience will be advantageous.
Interested applicants are requested to write in with detailed resume indicating current and expected salary and availability.
We regret only shortlisted candidate will be notified.
Netlink Trust Operations Company Pte Ltd