Reporting to the Team Lead, Information Technology Security Department, the main responsibility is to execute security operations processes, identify and measure critical security operations metrics, and continually improve the efficiency and effectiveness of the operations. The job responsibilities are as follows:
- Monitor, investigate and document security incidents detected.
- Perform security incident response and root cause analysis. This includes off-office hours 24x7 support standby on a rotation basis.
- Work closely with the managed security provider, vendors, information system owners or representatives and infrastructure technical staff on security incidents to perform incident handling and provide remedial actions.
- Ensure all security solutions are working and comply with policy and procedures. Respond to and remediate any service outages in a timely manner, with customer satisfaction as the priority.
- Provide support on issues relating to security solutions (e.g. endpoint security solutions, data loss prevention solution, SIEM solution, web proxy, intrusion detection system and advanced threat detection systems)
- Perform monthly governance reviews of incidents and sensitive administrative activities
- Prepare and deliver monthly and ad-hoc security incident reports
- Review and update security incident SOP.

Requirements:
- Bachelor's Degree in IT / Computer Science / Computing or a related field
- Experience in security operations and security operations centre
- Knowledge of networking and the Windows operating system
- Certified Information Systems Auditor (CISA), Certified Information Systems Security Professional (CISSP) or ITIL certification will be an added advantage