Security Analyst (IT sector)
ERP21 PTE LTD
5 days ago
Posted date5 days ago
N/A
Minimum levelN/A
Role Overview
Security Analyst is responsible for security monitoring and responding to alerts and events. He/She will be creating, tuning, compiling metrics of all security devices, along with documentation of processes and procedures. This role will require strong analytical and collaboration skills, detailed working knowledge of current and emerging security technologies, as well as the ability to correlate events to identify abnormal behaviour.
Responsibilities
1. Security Operations & Incident Response
. Monitor and investigate security alerts (directly or via SOC)
. Lead or support incident response for:
- Malware / ransomware
- Phishing and account compromise
- Insider threats
- Data leakage incidents
. Coordinate containment, eradication, and recovery activities
. Conduct post-incident root cause analysis and improvement actions
2. Vulnerability & Patch Management
. Perform vulnerability scanning and risk assessment
. Analyse scan results and prioritize remediation based on business risk
. Coordinate patching with IT and application teams
. Track remediation progress and report risk exposure
3. Security Tool Ownership
. Own day-to-day operation of security platforms such as:
- SIEM / SOAR
- EDR / XDR
- Email and web security
- DLP, CASB
. Tune detections, improve signal quality, and reduce false positives
. Integrate security tools with enterprise systems
. Advantage if verse in tools like Sentinel / Securonix
4. Threat Management & Intelligence
. Track emerging threats, vulnerabilities, and attack trends
. Assess relevance and impact to the organization
. Translate threat intelligence into actionable controls and detections
5. Governance, Risk & Compliance Support
. Support compliance with standards and regulations: ISO 27001, NIST, SOC 2, PDPA, GDPR
. Participate in internal risk assessments and audits
. Maintain security documentation, policies, and procedures
. Support third-party risk assessments and vendor reviews
6. User Awareness & Advisory
. Provide security guidance to IT, developers, and business users
. Support security awareness programs and phishing simulations
. Act as internal security SME and trusted advisor
7. Continuous Improvement
. Identify gaps and recommend security enhancements
. Drive automation and efficiency improvements
. Measure and report security KPIs and risk metrics
Requirements:
. Degree in Computer Science, Information Technology or equivalent.
. Minimum 3 years working experience in IT sector.
. Experience in using security tools : Security Endpoint solutions, HP ArcSight, QRadar, Rapid7 Nexpose, Tenable Nessus.
. Certified with one or more of the following: QISP, CISSP, Cybersecurity Nexus, CompTIA Security+.
. Basic technical knowledge in IT network infrastructure, server platforms (Unix, Windows platform) and desktops (OS X and Windows XP and above).
Security Analyst is responsible for security monitoring and responding to alerts and events. He/She will be creating, tuning, compiling metrics of all security devices, along with documentation of processes and procedures. This role will require strong analytical and collaboration skills, detailed working knowledge of current and emerging security technologies, as well as the ability to correlate events to identify abnormal behaviour.
Responsibilities
1. Security Operations & Incident Response
. Monitor and investigate security alerts (directly or via SOC)
. Lead or support incident response for:
- Malware / ransomware
- Phishing and account compromise
- Insider threats
- Data leakage incidents
. Coordinate containment, eradication, and recovery activities
. Conduct post-incident root cause analysis and improvement actions
2. Vulnerability & Patch Management
. Perform vulnerability scanning and risk assessment
. Analyse scan results and prioritize remediation based on business risk
. Coordinate patching with IT and application teams
. Track remediation progress and report risk exposure
3. Security Tool Ownership
. Own day-to-day operation of security platforms such as:
- SIEM / SOAR
- EDR / XDR
- Email and web security
- DLP, CASB
. Tune detections, improve signal quality, and reduce false positives
. Integrate security tools with enterprise systems
. Advantage if verse in tools like Sentinel / Securonix
4. Threat Management & Intelligence
. Track emerging threats, vulnerabilities, and attack trends
. Assess relevance and impact to the organization
. Translate threat intelligence into actionable controls and detections
5. Governance, Risk & Compliance Support
. Support compliance with standards and regulations: ISO 27001, NIST, SOC 2, PDPA, GDPR
. Participate in internal risk assessments and audits
. Maintain security documentation, policies, and procedures
. Support third-party risk assessments and vendor reviews
6. User Awareness & Advisory
. Provide security guidance to IT, developers, and business users
. Support security awareness programs and phishing simulations
. Act as internal security SME and trusted advisor
7. Continuous Improvement
. Identify gaps and recommend security enhancements
. Drive automation and efficiency improvements
. Measure and report security KPIs and risk metrics
Requirements:
. Degree in Computer Science, Information Technology or equivalent.
. Minimum 3 years working experience in IT sector.
. Experience in using security tools : Security Endpoint solutions, HP ArcSight, QRadar, Rapid7 Nexpose, Tenable Nessus.
. Certified with one or more of the following: QISP, CISSP, Cybersecurity Nexus, CompTIA Security+.
. Basic technical knowledge in IT network infrastructure, server platforms (Unix, Windows platform) and desktops (OS X and Windows XP and above).
JOB SUMMARY
Security Analyst (IT sector)
ERP21 PTE LTD
Singapore
5 days ago
N/A
Contract / Freelance / Self-employed
Security Analyst (IT sector)