Description:
• *Main Duties and Responsibilities**:
- Continuously assess the Information Security across Company Group, identify gaps, propose solutions, implementation upon review and approval from managers and ensure implementations are working as expected
- Act as the owner of the security road map, conduct frequent review to measure the security maturity across the organization
- Develop Information Security set of standards and practices following the best practices in the market
- Act as the owner of the bug bounty program and report the progress frequently to the stakeholders
- Conducting, as per the approved policy, the internal information security audit. Conducting proactive research to analyse security weaknesses and recommend appropriate strategies
- Planning, implementing, managing, monitoring, and upgrading security measures for the protection of Company data, systems, and networks
- Ensuring that Company data and infrastructure are protected by enabling the appropriate security controls
- Raising the security information best practices awareness across Company at all levels (employees, senior employees, managers, business stakeholders, usersetc)
- Leading all system and/or network security breaches/incidents response and resolution activities
- Identifying current and emerging technology issues including security trends, vulnerabilities and threats
- Participating in the change management process from the security context
- Liaising with Technology department peers to meet the information security standard in all of Company IT Services and IT Infrastructure
- Liaising with vendors to implement security solutions
- Performs relevant and new job-related duties as assigned by supervisor
• *Skill Required**:
- Hands-On experience across a variety of security products including firewalls, URL filtering, Office 365 Security, VPNs, Endpoint Protection, Threats Protection, Even Management and Security Orchestration Automationand Response (SOAR)
- Profound understanding of security threats relevant to Web Sites, Applications and Broadcasting Systems
- Outstanding communication skills that go beyond technical discussion. The ability to communicate complex IT Security material in plain English to those without an IT background
- Previous deep knowledge of Linux and/or Windows Operating Systems, coding languages, and/or Network Traffic Analysis from security perspective would be an asset
- Sold time management and inter-organisational skills
- **Qualifications and Experience**:
- A degree in computer science, IT, systems engineering, or related qualification
- At least 5 years of work experience in similar role with proven history of security incident detection, incident response, and forensics
- Outstanding problem-solving skills, troubleshooting skills and strong attention to detail with an analytical mind
- Great awareness of cybersecurity trends and hacking techniques
- Knowledge of Software development life cycle and related frameworks/methodologies
- Certification in ITIL Foundation (preferred)
- Information Security Certification (preferred)
