The incumbent will be part of the Governance and Compliance team and will conduct compliance checks to ensure that security controls are in place to meet regulatory requirements.
- Identify potential risks that will impact the organization and recommend action plans to reduce the risks.
- Conduct red/purple teaming exercises to ensure the Business Continuity Plan (BCP) and Disaster Restoration Plan (DRP) are well documented and communicated.
- Develop policies, standards and guidelines to ensure safety of assets in adherence to business needs, industrial best practices and regulatory requirements.
- Conduct security awareness trainings and cybersecurity exercises.
- Provide security advisory and consultancy to cybersecurity projects.
- Undertake projects and activities that address Cyber risks.
- Other ad-hoc tasks assigned.
Requirements:
- Degree in Cyber Security, Information Technology or related fields with 1-3 years of relevant experience in cyber security operations or GRC roles.
- CISSP/CISM/CISA/CEH/CGEIT/CRISC/AWS or equivalent certification.
- Strong IT background with expert-level knowledge of multiple security practices (email security solutions, vulnerability management, network security (firewall, IPS/IDS, SIEM, threat intelligence, etc.)).
- Knowledge of CSA Code of Practice (CCoP), ISO27001, IEC62443 and NIST Cybersecurity Framework.
- Experience in threat detection, penetration testing and red teaming.
- Knowledge of Network, Web Security and Application Security would be highly valued.
- Experience with information security tools (SIEM, anti-virus tools, etc.).
- Experience in forensics and incident management.
- Ability to work under pressure.
- Self-motivated, a good team player with a strong ability to multi-task.
- Excellent verbal and written communication, presentation and analytical skills.