Job Description

Description:

As a senior IT security officer, you will be performing network and system security analysis, monitoring and incident response, as well as maintenance and configuration of security tools. The Security officer will work with the latest technologies to detect, analyse, and limit intrusions and security events. Job involves develop and direct implementation of security standards, policies and best practices for the organization and works in together with organizational departments to ensure employees are aware of cyber-security issues and are trained in good cyber-security practices.

Duties:

• Monitor and analyse Intrusion Detection/Prevention Systems (IDS/IPS), Endpoint Security, Endpoint Detection and Response (EDR) and Security Information and Event Management (SIEM) events. Managing IDS, IPS, and SIEM rules. Creates and maintains Standard Operating Procedures, Consolidate and conduct comprehensive analysis of threat data.

• Perform threat hunting and provide prevention measures. Evaluate the efficiency, effectiveness and compliance of operation processes with corporate security policies and related regulations.

• SIEM administration and log reviews for effective monitoring. Creating rules and correlation events including incidents. Creation of custom and compliance reports weekly and monthly trend analysis reports for critical events.

• Patch management and vulnerability management to track vulnerabilities being exploited in the wild and following through with the fixes needed to be implemented.

• Work with the teams on internal and external audits, due diligence checks as per the MAS TRM guidelines.

• Bachelor degree in IT security related discipline or equivalent experience.

• CISM, CISSP, GIAC, or relevant security certification would be an advantage.

• Working knowledge of application & infrastructure security solutions (Firewalls, Intrusion Detection/Prevention Systems, Network Security, Password Management, Data Encryption, and Access Control) including Cloud security.

• Prior experience in implementing security solution and versed with information security best practices.

• Good domain knowledge of information security governance and equipped with a strong risk management background.

• Knowledge and understanding of emerging risk areas, e.g, remote access, DLP, secure application development practices, etc.

• Working knowledge of regulatory and data security standards

• Experience with MAS TRM, Cyber Hygiene

• Experience in penetration, Vulnerability testing and cyber security Playbook

• Hands on experience with Security tools such as EDR, DLP endpoint security, IDS/IPS, anti- DDOS mitigation, firewalls and WAF

• Strong interpersonal and communication skills

Flintex Consulting