Job Description

Jadestone Energy owns operated interest offshore Peninsular Malaysia, covering four production sharing contracts. Malaysia is also home to the Jadestone\'s Regional Technical and Finance Teams. For more information, please go to https://www.jadestone-energy.com/assets/malaysia-portfolio/ . This position is responsible for the administration, planning and implementation of Information Security solutions, projects and policies to ensure the protection of all assets for the organization. Principle Accountabilities: Oversee all day-to-day IT security incidents/administration/health check of current IT infrastructure and network Prepare and customize Cyber Security reports and metrics (e.g. vulnerability, incident, antivirus, IPS, data leakage, DDOS) on a regular basis Planning, implementing, managing Cyber Security solutions and measures for the protection of Jadestone Group\'s data, systems and networks. Manage cybersecurity projects & coordinate with other IT functions and vendors to deliver security solutions and initiatives timely Organize penetration and vulnerability scans with external testers and internal IT teams and follow up with their remediation and closures. Monitor, investigate and develop strategies to lead security incident responses efforts and recover from security breaches Plan security awareness program and conduct security awareness trainings and initiatives. Develop and maintain documentation on security playbook, policies, procedures and ISO27001 ISMS Working with all IT Functions & business stakeholders to define security protocols and to secure IT systems Position Requirements Degree in IT, Computer Science or Information Security Minimum 5 years of proven work experience in a similar cybersecurity role Strong experience and knowledge in enterprise security solutions such as Next-Gen Firewall (Fortinet/Palo Alto), Endpoint Protection software (TrendMicro), PAM, SIEM, Email & Cloud Security and DLP High proficiency in IT security governance and architecture, including a knowledge of IT network security and cloud-based technologies Proven understanding of the current vulnerabilities, incident response, and mitigation strategies used in cyber security Excellent knowledge of vulnerability assessment & penetration testing tools, computer forensic tools, security incident response and methods Security certification (CISSP, CISA, CEH, OSCP) is an added advantage Experience with ISO27001 ISMS is a bonus Candidate Profile: Exhibit work behaviours consistent with company values Keen to pick up new technologies and skill sets, and able to manage stakeholders Self-driven and highly motivated Able to work under pressure, independently and with minimum supervision, to meet deadlines with accurate outputs Proactive, result-oriented, team player, works effectively within a multi-discipline team and across countries Excellent analytical and problem-solving skills Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audience

foundit