Responsibilities:
Security Operations & Incident Support
- Monitor security alerts and events from security tools such as SIEM, EDR, IDS/IPS, and firewalls.
- Assist in the investigation, documentation, and escalation of security incidents.
- Support incident response activities including evidence collection, containment actions, and recovery tasks under guidance from senior team members.
- Maintain incident records and assist in post-incident reviews and reporting.
Vulnerability & Threat Management
- Support regular vulnerability scanning activities and track remediation progress.
- Assist in coordinating penetration tests and follow-up actions.
- Monitor security advisories and emerging threats, and report potential impacts to systems.
- Work with IT and engineering teams to verify patching and system hardening activities.
Security Compliance & Risk Support
- Assist in maintaining security policies, procedures, standards, and documentation.
- Support compliance efforts related to PCI DSS, MAS TRM, GDPR, and other applicable regulations.
- Help prepare evidence and documentation for internal and external audits.
- Participate in risk assessments and track remediation actions.
Security Awareness & Collaboration
- Support security awareness initiatives such as phishing simulations and training materials.
- Act as a point of contact for basic security-related queries from internal teams.
- Collaborate with IT, DevOps, and engineering teams to promote secure practices.
- Assist in coordinating with vendors and service providers on security-related matters.
Job Requirements:
- Diploma or Degree in Information Security, Computer Science, IT, or a related field.
- 1-3 years of experience in IT security, SOC operations, IT operations, or a related role.
- Understanding of cybersecurity concepts such as malware, phishing, vulnerabilities, and incident response.
- Familiarity with security tools such as SIEM, EDR, vulnerability scanners, or firewalls.
- Basic knowledge of operating systems, networks, and cloud environments.
- Understanding of security frameworks and standards (e.g., ISO 27001, PCI DSS, MAS TRM) is a plus.
- Hands-on experience with SIEM (Splunk, Azure Sentinel, etc.), EDR, firewalls, and cloud security (AWS/Azure/GCP).