Responsibility
- Conducting regular security analysis such as network security/ Firewall, SIEM, intrusion detection, and prevention system
- Investigate security alerts and provide incident response
- Performing vulnerability assessment
- Providing advisory and recommend resolutions for security threats and vulnerabilities
- Conducting Log review assessment and security event management
- Monitor for attacks, intrusions, and unusual, unauthorized, or illegal activities
- Evaluating emerging cybersecurity technology products and translate them into feasible solutions to strengthen the cybersecurity defense of the company.
- Ensure that the documentation is always up-to-date.
- Conduct internal security audits
Reporting
- Report privacy breaches and malware
- Report vulnerable points of access
- Report on outdated security software or patch levels on any device
- Report potential improvements
Documentation
- Create and maintain all relevant security documentation
Education
Work experience
- 3 years IT Security experience
Expertise and methodology
- Firewall (At least one of the following technologies: Checkpoint, Cisco, Fortinet, Palo Alto)
- Professional certificates (CISSP, CISA, CISM, CompTIA Security, GIAC, CRISC, etc)
- Good in the server (Windows, Linux) and network architecture.
- Knowledge of IT security practices
- Exposure and understand CSIR framework.
- Knowledge of standard attacks at the network, system, and application-level (principles, detection methods, countermeasures, etc.)
- Knowledge in IT risk assessment
- Experience managing small to medium-sized projects
- Operational experience managing security equipment
- Experience in vulnerability scanning and management
- Experience in handling IT audit
Optional Skills
- MS Azure Cloud
- ISO27001, PDPA, GDPR compliance
- Python programming
- Command scripting
- Reverse proxy
- SSL VPN
- BCP / DRP
- Cyber Forensic
- Penetration testing
Other Requirement Criteria
- Analytical ability
- Consulting skills
- Pro-active and result oriented
- Communication skills
- Client and service orientation
