Associate, Security Operations

Job Description

• Assist management to develop and enhance information security policy and
procedure.
• Implement and delivery of information security program by collaborate with related
parties to design, implement and maintain security controls of information systems.
• Lead, coordinate and execute technical security assessment (VAPT) to identify
security gaps/vulnerabilities in security architecture resulting in recommendations
for inclusion in the risk mitigation strategy. And work with stakeholders to resolve
computer security incidents and vulnerability compliance.
• Lead threat monitoring, detection and response by performing event correlation
using information gathered from a variety of sources within the enterprise to gain
situational awareness and determine the effectiveness of an observed attack.
• Document and escalate incidents (including event’s history, status, and potential
impact for further action) that may cause ongoing and immediate impact to the
Bank environment.
• Monitoring, analyze, assess security patch and notify patch administrator, system
and application administrator for implementation. Report and highlight outstanding
issues to management.
• Provides cybersecurity recommendations to leadership based on significant threats
and vulnerabilities.
• Provide contribute to Disaster Recovery, Contingency, and Continuity of
Operations Plans.
• Perform other task assigned by management.

Job Requirement 

• Bachelor’s Degree in Information Technology, Computer Science or other related
equivalence.
• Holding Cybersecurity certified associate is preferable
• Minimum 4 years of experience in cybersecurity or system network administrator
• Experience implementing and administrative of cyber defend tools such as WAF,
NGFW, EDR, DLP, SIEM, Vulnerability Management and Patch Management
etc.,
• Implement cybersecurity and privacy principles to organizational requirements
(relevant to confidentiality, integrity, availability, authentication, non-repudiation).
Knowledge • Deep technical understanding on Operating System (Linux & Windows),
database, networking and web/program.
• Good understanding of cybersecurity risk framework and penetration testing
methodology
• Certified ISO27001, Ethical Hacking, and strong knowledge of NIST, OWASP
etc. is preferable.
• Good verbal and written English skills to present to management.
Skills and Abilities • Be honest, self-motivation, self-initiation, self-commitment, fast learner, flexible
and punctual.
• Strong interpersonal, organizational, engagement, collaboration and excellent
communication, analytical and problem-solving skills.
• Highly result oriented and independent, and able to work under pressure.