4 days ago
Reporting to IT Manager, this incumbent is responsible for building secure software, monitoring system and infrastructure at the highest security standard.
He/ she will design, build and manage security solutions, perform technical security assessments and vulnerability testing to highlight and mitigate risks. He/ she will also work closely with Group and Regional IT to design and build a robust system to enhance the security of our infrastructure and systems.
- Support the region in the areas of Information & Cyber Security and Network & Infrastructure.
- Lead the Global Incident Management process for incidents within region and support globally if needed.
- Work closely with the Security Engineer lead and Global Security team to meet policy & technical standards.
- Support the ongoing development of the IT Security strategy that improves the security posture for our employees and data
- Ensure all Security Applications and Tools are implemented and managed in region.
- Evaluate, maintain and configure security functions within Business Applications.
- Ensure Vulnerability Management & Patch Management are implemented, analysed and appropriately actioned.
- Lead and support remediation tasks required based on Internal & External Penetration Testing.
- Setup and maintain network VLANs and other controls to support security segmentation.
- Keep abreast of all emerging technical vulnerabilities, report on them and make appropriate plans to remediate.
- Support the regional and global teams in ensuring that the business is compliant with Data Protection Regulation. (GDPR), CCPA, Payment Card Industry Data Security Standards (PCI-DSS) and local regulations and other standards. where applicable.
- Assist with the development security controls in alignment with good practice frameworks, e.g. ISO27001/2, NIST CSF, PCI-DSS.
- Help raise awareness and knowledge about information security and risk of cyber space through various channels and means
- Degree in Computer Science/ Engineering/ Information Systems or a related discipline
- At least 5 years of relevant experience in information/ cyber security
- Hands-on experience implementing and maintaining network & infrastructure solutions
- Practical knowledge of Enterprise Security Applications, e.g. Carbon Black, Azure Security Center, Mimecast, Qualys etc.
- Excellent communication skills both written and verbal with the ability to interact effectively with senior both technical and non-technical teams, including strong experience in delivering business and systems change initiatives.
- Track record in analysing business requirements and delivering technical business solutions.
- Ability to write clear business documentation, such as business process documents, technical specifications and training documents.
- Ability to effectively manage multiple projects/tasks of varying complexities, meet deadlines and work well under pressure.
- Any Network, Infrastructure or Security related certifications are a huge plus