Department: Information Security

Reports To: Chief Information Security Officer (CISO)

Job Summary

• The Cybersecurity Expert is responsible for protecting the computer systems of the company, networks, and data from cyber threats, breaches, and attacks. They design, implement, and monitor security measures, conduct risk assessments, and respond to security incidents. The role requires expertise in threat detection, vulnerability management, encryption, compliance, and security best practices.

Key Responsibilities:

Security Infrastructure & Risk Management:

• Design, implement, and maintain security protocols, firewalls, VPNs, IDS/IPS, SIEM, and endpoint protection.
• Conduct vulnerability assessments, penetration testing, and security audits.
• Identify security risks and recommend mitigation strategies.

Threat Detection & Incident Response:

• Monitor networks for suspicious activity and potential breaches.
• Investigate security incidents, perform forensic analysis, and lead remediation efforts.
• Develop and update incident response plans and disaster recovery procedures.

Compliance & Security Policies:

• Ensure compliance with industry standards (ISO 27001, NIST, GDPR, HIPAA, PCI-DSS).
• Develop and enforce cybersecurity policies, procedures, and employee training programs.

Security Architecture & Best Practices:

• Advise on secure system and application design (Zero Trust, Cloud Security, DevSecOps).
• Implement encryption, multi-factor authentication (MFA), and access control mechanisms.
• Stay updated on emerging cyber threats, attack vectors, and defense strategies.

Collaboration & Reporting:

• Work with IT teams, developers, and management to enhance security posture.
• Prepare security reports, risk assessments, and recommendations for stakeholders.

Required Skills & Qualifications:

• Education: Bachelor's/Master's in Cybersecurity, Computer Science, or related field (or equivalent experience).
• Certifications (Preferred): CISSP, CISM, CEH, CompTIA Security+, OSCP, or similar.

Technical Skills:

• Proficiency in firewalls, SIEM tools (Splunk, LogRhythm), penetration testing (Kali Linux, Metasploit).
• Knowledge of malware analysis, cryptography, and secure coding practices.
• Experience with cloud security (AWS/Azure/GCP) and endpoint protection.

Soft Skills:

• Strong analytical, problem-solving, and communication skills.
• Ability to work under pressure during security incidents.

Work Experience:

• 8 years in cybersecurity roles (e.g., SOC analyst, penetration tester, security engineer).
• Experience with regulatory compliance and risk management frameworks.

All interested parties are encouraged to send in their detailed resume/CV to eugene.leong@mtscloud.com