Job Description

We are a global leader in secure and sustainable technology lifecycle management services.

Job Responsibilities

Maintain and improve the Information Security Management System (ISMS) Framework and its documentation suite. Support the implementation of security controls defined on security policies, standards, and procedures. Drive assurance activities and work to align security functions of TES-AMM's Security Governance Program. Review documentation and proactively provide feedback and recommendations. Evaluate new security products, technologies, and solutions for use within SK tes. Participate in the design implementation, management, and monitoring of Cyber Security solutions. Improve the integration of existing and future security solutions to SK tes security platform. Monitor systems for anomalies and report cyber security incidents when detected. Participate in and coordinate security incident response activities, including supporting the triage of cyber security incidents as they occur and writing Post-Incident Reports. Alongside Business Managers and other stakeholders (including IT), facilitate the following:
Cyber Security Risk Assessments. Business Impact Assessments. Third-Party Risk Assessments; and Information Risk Assessments. Ensure Business Applications and IT-Managed Systems are appropriately classified, assessed, and documented in the Critical Systems Register. Alongside the IT Team and business stakeholders, gather and maintain evidence that appropriate security measures/controls have been implemented; and Implement and maintain a third-party risk management tool, in alignment with TES-AMM's risk management framework.

Job Requirements

Bachelor's degree in computer science / Information Systems / Information Technology / or related field or equivalent experience 3 years of information technology and/or security experience. Working knowledge of Security and IT Regulations, Frameworks and Standards e.g., ISO/IEC 27001, NIST CSF. Knowledge of Regional Privacy and Data Protection Regulation. Experience with policy and procedure development. Awareness of current threats, attack methods, and common vulnerabilities. Understanding of incident Response processes and technologies. Good understanding of networking and security technologies (IDS/IPS, EDR, Email Security, SIEM, etc.) Experience with Business Continuity Planning and Disaster Recovery. Ability to communicate effectively to stakeholders across the business. Hold relevant professional, technical or management qualifications. Industry certifications such as Security+, ISO 27001 Lead Implementer / Lead Auditor, or equivalent are preferred.
We regret to inform you that due to the high volume of applications received, only candidates who are shortlisted for the next stage of the selection process will be contacted. We appreciate your understanding and thank you for your interest in this opportunity.