Responsibilities
- Design, implement, operate, and maintain the organization's Security Management System (SMS) in alignment with ISO 27001 and other applicable security frameworks.
- Manage and administer security infrastructure, including next-generation firewalls, IDS/IPS, NAC, VPN solutions, and security management platforms.
- Develop, implement, and enforce information security policies, standards, procedures, and guidelines.
- Monitor security events, logs, and alerts using SIEM and security monitoring tools to detect, analyze, and respond to threats.
- Investigate security incidents, perform root-cause analysis, and lead incident response and remediation activities.
- Ensure system hardening, secure configurations, and compliance with security baselines across network and infrastructure components.
- Coordinate vulnerability assessments, penetration testing activities, and remediation tracking.
- Support firewall policy management, security rule reviews, log analysis, and continuous security tuning.
- Oversee access control mechanisms, authentication systems, and NAC solutions to ensure secure network access.
- Collaborate with network, infrastructure, presales, and project teams on secure design and implementation of new systems and services.
- Support Data Center and Disaster Recovery (DR) security implementations, audits, and compliance reviews.
- Maintain security documentation, including risk assessments, asset registers, SOPs, incident reports, and audit evidence.
- Manage vendor coordination related to security tools, licensing, renewals, RMA cases, and security product evaluations.
- Support internal and external audits, regulatory requirements, and compliance initiatives.
Requirements
- Bachelor's degree in Information Security, Computer Science, Engineering, Information Technology, or a related field.
- Minimum of 4 years of hands-on experience in information security, security operations, or security management systems.
- Strong understanding of Security Management Systems (SMS) and information security frameworks such as ISO 27001, ISO 27002, NIST, or similar.
- Proven experience in network and infrastructure security across LAN, WAN, Data Center, and DR environments.
- Hands-on experience with next-generation firewalls (Palo Alto, FortiGate, Cisco FTD, Juniper SRX).
- Solid knowledge of routing, switching, and secure network design concepts.
- Practical experience with VPN technologies (IPsec, SSL VPN, GRE, DMVPN).
- Experience with SIEM platforms, log management, and security monitoring tools.
- Familiarity with vulnerability management tools such as Nessus or equivalent.
- Experience with NAC solutions such as Cisco ISE or FortiNAC.
- Understanding of risk assessment, threat modeling, and security controls implementation.
- Experience performing OS upgrades, firmware updates, configuration backups, and security maintenance activities.
- Strong documentation skills with experience in policy writing, procedures, and audit reporting.
- Experience in banking, telecommunications, cloud, or enterprise environments is preferred.
- Ability to manage multiple tasks and respond effectively in a fast-paced environment.
- Willingness to work 24/7 shifts, including nights, weekends, and public holidays, if required.
- CCNA/CCNP certification is a must.
- Candidates certified in PCNSE and Fortinet NSE are preferred.
- CISSP, CISM, or equivalent security certifications (added advantage).
LiangSyeh Wei (Shevy) - R:R22108807