Purpose
You'll be responsible for keeping an eye on security issues, figuring out what needs to be done, coming up with solutions, facilitating and supporting security audits and tests.
In addition, you will help staff and stakeholders stay on top of security awareness and training.
Key Responsibilities
- Monitoring and analyzing network and system activity
- Investigating and responding to security incidents
- Facilitate the conduct of security audits and assessments by third party security assessors
- Supporting vulnerability assessment and patching management activities by evaluating and testing remediation fixes and planning with the technical teams until the risks have been duly addressed.
- Escalating security incidents and alerts
- Installing and configuring security software agents when required
- Support the implementation of security policies, procedures and standards
- Preparing and maintaining security reports and documentation
- Support disaster recovery and breach of security drills
Profile & Other Information
- At least Diploma in computer science, information security, related field or relevant certifications in CEH, CompTIA Security+, OSCP, etc.
- At least 3 years of experience as an information security analyst or a similar role
- Proficient in security tools and technologies, such as CIS hardening, Tenable Nessus, Anti-Malware, DLP, EDR, SIEM, encryption, etc.
- Good knowledge in Incident response lifecycle, different Operating Systems, TCP/IP networking and application layers.
- Knowledge of security frameworks and standards, such as ISO 27001, NIST, etc.
Knowledge of IM8 will be advantageous.
- Working experience in the practice of penetration testing (application/infrastructure), vulnerability scanning and system security acceptance testing
- Basic scripting skills (e.g., Python, Bash) and knowledge of automation tools for security testing.
- Ability to identify and mitigate security threats and risks
- Strong analytical and problem-solving skill