Job Description

The professional will be joining a top team in delivering complex Cyber Security solutions to defend against cyber threats of the world. We are looking for a dedicated team player who wants to make a career in the Vulnerability Management (VM), Data Protection or Governance, Risk and Compliance (GRC) domain. You will be the second line of defence in reviewing and challenging security risks identified throughout a project’s System Development Lifecycle (SDLC). The role allows you to take on risk management and mitigation measures for cyber security projects. Roles & Responsibilities:

• Assess current technological architecture for vulnerabilities, weaknesses and for possible upgrades or improvements to identify any weak points that might make information systems vulnerable to attacks
• Develop and manage security strategies, develop policies that encourage secure working and protection of data
• Take ownership of the security and compliance function of cyber security projects
• Communicate information security goals and new programmes effectively
• Oversee information security audits
• Lead team members in security operations
• Serve as a focal point of contact for the information security team and the client
• Implement and oversee technological upgrades, improvements and major changes to the information security environment
• Conduct information security awareness training to personnel
• Coordinate staff when responding to security incidents
• Investigate and resolve security incidents
• Review security and breach reports
• Report to clients or organizational management on security status of projects

• Relevant diploma or degree qualifications in Information Technology or Cyber Security
• Professional certifications such as CISM, CISSP, CRISC or CISA would be advantageous
• At least 3 to 5 years of IT or Cyber Security experience
• Strong understanding of information security risk assessment and risk management procedures and methodologies
• Ability to correlate enterprise risk with appropriate administrative, physical and technical security controls
• Strong understanding and knowledge of securityprinciples, standards and processes, such as authentication and access controls, infrastructure hardening, network traffic analysis, endpoint security, platform architecture, application security, encryption and key management, cloud security
• Strong working knowledge of UNIX and Windows operating systems
• Excellent verbal and written communication skills
• Dynamic individual and team player with positive working attitude