Implements security solutions (infrastructure and/or application) including the design, configuration, development, testing and deployment of security-related technologies such as Security Information & Event Monitoring (SIEM), Identity & Access Management, IDS/IPS, Data Loss Prevention, Digital Rights Management, Network Access Control
Experience in building Security Operations Center (SOC) , developing processes, building Teams
Review the information and logs from various security systems on a day-to-day basis, like the firewalls, IPS/IDS device, SIEM, End-Point security and database logs
Examining malicious software, suspicious network activities, and non-authorized presence in the network to analyze the nature of the threat, and secure and monitor firewall
Understand the specimen's attack capabilities, its pagation characteristics, and define signatures for detecting malware presence.
Provides technical support in the areas of vulnerability assessment, risk assessment, network security, product evaluation, and security implementation. Responsible for designing and implementing solutions for protecting the confidentiality, integrity and availability of sensitive information.
Develops information security roadmaps, business cases and remediation plans;
Ensures that the Information Systems Security department's policies, procedures, and practices as well as other systems user groups are in compliance.
Conducts information security risk assessments and control selection activities
Design and implementation of security processes
Works with multiple customers and Develops information security strategies;
Monitors security systems, and analyzes potential threats and vulnerabilities to client systems.
Develops new computer and network security systems, including both hardware and software.
Coordinates technical incident response and remediation activities for client environments.
Provides security analysis and consultation services for product, system and network architecture designs.
Analyzes network traffic and alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms.
Analyzes security findings and data.
Offers internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization and promotes the commercial advantages of managing information security risks more efficiently and effectively
Contributes towards the preparation and authorizes the implementation of necessary information security policies, standards, procedures and guidelines, in conjunction with the Security Committee.
Definition and development of security control designs including those required to support external regulations;
Contributes towards the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and
applicable laws and regulations, such as PCI DSS.
Designs and executes information security awareness training and educational activities
Routine line management and leadership of staff within the Information Security Management function
Conducts activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties
Assist with the due-diligence process for external and third-parties and providing the information as and when required by the clients
Reviewing the requests from users pertaining to security and providing the recommendations to Management
Assist with the proof-of-concepts and testing of new security software and tools being considered by the organization
Assist with the day-to-day audit of the servers and end-user systems to identify noncompliance
and risks and working with the IT team in remediating the findings
Document the various IT security procedures, standards and guidelines and keeping various security documents current and up-to-date
Will require some on call support that can be done from home.
Provides technical evaluations of customer systems and assists with making security improvements.
Participates in design of information system contingency plans that maintain appropriate levels of protection and meet time requirements for minimising operations impact to customer organisation.
Conducts security product evaluations, and recommends.
Conducts testing and audit log reviews to evaluate the effectiveness.