Ensure that adequate security controls are in place following the company's policies and industry standards.
Ensure the effectiveness of security controls for both in-house IT operations teams and outsourced operations.
Promote and ensure secure software development life cycle (SDLC) practices and secure coding practices for in-house developed applications.
Stay up-to-date on information security processes and technologies, including emerging cyber-attack threats and corresponding mitigation controls.
Perform regular vulnerability assessments and penetration tests on the company's IT systems and network infrastructures and promptly drive the patch management process to address critical vulnerabilities.
Define and own the Computer Security Incident Response process, including maintaining escalation channels for all users and performing diagnosis.
Work closely with internal and external stakeholders to provide remediation for security incidents.
Maintain dashboards and collect metrics and reports on cyber threats and vulnerabilities in IT systems/infrastructures.
Provide expert consultation to other teams.
University degree in Information Security, IT, Computer Science, or a related field.
Holder of security certificates such as GIAC, CEH, OSCP, CISSP, CISM, CISA is preferred.
3-5 years of working experience in computer security incident response or computer forensics in security vendors or law enforcement authorities is preferred.
Knowledgeable in TCP/IP networking and network security products, such as firewalls, intrusion detection and prevention systems (IDPS), and web proxies.
Experienced in Windows and Linux/UNIX operating systems.
Familiar with information security technologies, such as AAA systems, email and web security, PKI, data encryption, and endpoint protection systems.
Familiar with information security standards, such as ISO27001, C-RAF, COBIT 5, and CIS Critical Controls.
Good understanding of cyber-attack techniques (e.g., APT, DDoS, malware, phishing) and the corresponding response and investigation methodologies.
Knowledgeable in computer forensics and advanced data recovery tools.
Competitive Package
Extra / Special Leaves
Medical Benefit
Professional Training & Subsidies
Property Purchasing / Leasing Discount
5-day Week
Casual Wear Days