Job Description

The IT Security and Compliance Administrator

• Implements and monitors information security requirements, policies and compliance. Conducts queries, vulnerability and risk assessments. Assists in audit and provide regulatory requirements;
• Documents and communicates information policies, procedures and guidelines internally and with other 3rd party organization.

• Perform security systems administration tasks, security permission, user/group accounts, access, profiles and policies, event log warnings and errors, resource monitoring, and ensuring configuration and set-up work together accordingly and as recommended.
• Identify information security risks, define acceptable mitigation and remediation strategies.
• Responsible for installation, configuration, and set-up of the network and security devices and systems required for the IT and business operations.
• Monitor, analyze, evaluate, manage, administer and troubleshoot system performance, internet traffic, vulnerabilities and threats and ensure the availability of services to the intended users.
• Maintain records and inventories of the security devices and systems and conduct periodic audit, back-up and recovery, scanning, preventive maintenance, security patches and system upgrade.
• Ensure licenses and agreements are updated, renewed and properly projected and allocated.
• Maintain a thorough understanding of the basic principles of the network and security including but not limited to
  • Firewall
  • Network switches and routers
  • End-point protection
  • Network monitoring
  • Access points
  • Active directory (AD)
  • Lightweight Directory Access Protocol (LDAP)
  • Domain name system (DNS)
  • Dynamic Host Configuration Protocol (DHCP)
  • Security Information and Event Management (SIEM)
  • Security scanning and remediation, etc.
• Interact with other IT team members, vendors and suppliers to assist in the analysis, data gathering, troubleshooting, identification of root cause, technical support and resolution of issues.
• Facilitate, assist and provide the users, partners, project teams including but not limited to software development team in preparing the required systems security to meet the requirements.
• Identify, assess and recommend opportunities for systems security and process improvement.
• Actively participate in the status meeting to communicate progress and escalate risks and roadblocks.
• Prepare training materials and provide assistance in conducting the training to users or other members of the team.
• Responsible for the information security by protecting confidential information from unauthorized access, ensuring the integrity of the information and information system, taking appropriate measures to manage security risks and following and complying with the laws, legislations and terms of contracts.
• Perform other duties as assigned, if necessary.

• Graduate of Electronic and Communication Engineering (ECE) or equivalent
  

• With 2 to 3 years relevant experience in system administration
• Familiarity, knowledge and some experience with the following is an advantage:
  • Firewall
  • Microsoft Active Directory
  • LDAP
  • Endpoint security
  • Network routers and switches
  • Access points
  • DNS / DHCP
  • 7 Open Systems Interconnection (OSI) / Network Layers
  • IP security
  • SSL/HTTPS
  • Intruder Detection System (IDS), Intruder Detection and Prevention (IDP)
  • Virtual Machine
  • Linux/Unix
  • Network/system monitoring and scanning
  • SIEM

• Analytical, result-oriented, team player, fast learner and dynamic
• Can work with minimum supervision
  • Working knowledge in information security and data protection
  • Ability to assess the management, operational and technical security control of the systems
• Effective communication skills
• Thorough; demonstrates attention to detail and accuracy
• Defines and organizes tasks, responsibilities, and priorities
• Takes responsibility for timely completion of work
• Passion to acquire and update skills and the ability to learn new tools and techniques quickly

• Can handle multiple assignments/projects
• Must be willing to work on call and on extended hours