Responsibilities
- To conduct periodic cybersecurity vulnerability assessment for the respective business unit and liaising with Group IT and SOC for remediation
- To own and conduct all Security Acceptance Test (SAT) for the group and sectors IT initiatives, and liaise with the business owners for remediation
- Maintain awareness of evolving cybersecurity threats, threat detection and protection techniques to safeguard existing systems
- To provide cybersecurity awareness training, technical advisory and consultancy to the group and business unit
- To review the group and business unit security appliances’ rules i.e. Firewall, Intrusion Protection System, Proxy, Web Application Firewall (WAF), Network Access Control (NAC), Antivirus, Data Loss Prevention (DLP) and ensure relevancy
- To be the group and/or business unit’s interface for all cybersecurity queries, reviews and audits
Requirements
- Degree in Information Security, Computer Science, Information Technology, Computer Engineering or equivalent
- Minimum 3 years experience in infrastructure & application security
- Good knowledge of security principles, policies and industry best practices
- Excellent communication skills and able to work independently
- Candidate with Certification in Systems Security Certified Practitioner (SSCP) or Information System Security Professional (CISSP) or Ethical Hacker (CEH) will be an advantage