DUTIES AND RESPONSIBILITIES:
- Monitor and analyze security alerts and events from various sources, including security information and event management (SIEM) systems, security orchestration, automation, and response (SOAR), intrusion detection/prevention systems (IDS/IPS), firewalls, antivirus, endpoint protection platforms, and other security solutions.
- Investigate and assess security incidents and breaches to determine their cause, scope, and potential impact on the organization's systems and data.
- Develop and implement security policies, procedures, and controls to mitigate cybersecurity risks and threats, in alignment with industry best practices and regulatory requirements.
- Conduct vulnerability assessments and penetration tests to identify weaknesses in the organization's infrastructure, applications, and processes, and recommend remediation actions.
- Collaborate with other members of the cybersecurity team and IT staff to address security vulnerabilities, implement security patches and updates, and improve overall security posture.
- Provide security awareness training and guidance to employees on best practices for information security and data protection.
- Participate in incident response activities, including containment, eradication, and recovery, to minimize the impact of security incidents and ensure business continuity.
- Stay abreast of the latest cybersecurity threats, vulnerabilities, and trends through continuous learning and professional development.
- Document and report security incidents, vulnerabilities, and remediation activities, as required by organizational policies and regulatory requirements.
- Assist in the development and maintenance of incident response plans, playbooks, and other security documentation.
OTHER RESPONSIBILITIES:
- Adheres to the provisions of the Company's Code of Conduct and Discipline.
- Reports any fraudulent or suspicious acts or unlawful activities/transactions immediately to the immediate head to pre-empt potential risks to the company.
- Performs other duties that may be assigned from time to time.
RELATIONSHIPS:
Reports to: Secure Client Solutions and Assurance Team Lead
Coordinates with: All employees
JOB SPECIFICATIONS:
Bachelor's/College Degree in Computer Science, Information Technology, or equivalent with cybersecurity experience.
QUALIFICATIONS:
- 1+ years of experience working in a cybersecurity role, with a focus on security analysis and incident response. (Open to fresh graduates with an interest in and basic knowledge of cybersecurity.)
- Strong understanding of networking protocols, operating systems, and security technologies.
- Experience with security tools and technologies such as SIEM, IDS/IPS, firewalls, antivirus, vulnerability scanners, etc.
- Knowledge of cybersecurity frameworks and standards, such as, but not limited to, NIST Cybersecurity Framework, ISO 27001, CIS Controls, etc.
- Relevant industry certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), etc., are a plus.
- Excellent analytical and problem-solving skills, with the ability to quickly assess and respond to security incidents.
- Strong communication and teamwork skills, with the ability to collaborate effectively with colleagues across different teams and departments.
- Must be willing to adapt to new learnings and challenges.
WORKING CONDITIONS:
- The Security Analyst may be required to work rotating shifts, including nights, weekends, and holidays, to provide 24/7 coverage of security operations.
- The position may involve occasional travel to attend conferences, training sessions, or to support incident response activities at remote locations.