Cyber Security Analyst
[March 28, 2023 ]
Negotiable
Full Time
Responsibility
• Preform security review on the GRT IT infrastructures and applications to identify vulnerabilities and evaluate risks
• Implement mitigation controls/safeguards to enhance organization cyber defense capabilities
• Work with multiple teams ensure information security policies, best practices and standards are integrated in the organization IT environment
• Manage risk by analyzing the root cause of security issues, impact to technology, and required corrective actions leveraging advanced analytical skills.
• Coordinate with organization’s IT team, IT service providers, security service providers, relevant stake holder to ensure cybersecurity risks are timely mitigated
• Develop and maintain secure configuration for organization IT assets
• Coordinate internal and external IS audit/assessments and remediate findings
• Provide regular updates to IT team and management about existing and emerging risks
• Regularly conduct information security awareness program for the organization
• Uses Data encryption, firewalls, and other appropriate security tools and applications to conceal and protect transfers of confidential digital information.
• Develops and implements plans to safeguard digital data from accidental or unauthorized modification, destruction, or disclosure; adheres to emergency data processing needs.
• Continuously updating the company’s incident response and disaster recovery plans, review and monitor backup procedures • Establish a framework for control and access to GRG IT security system
• Provide technical support, learning resources and other valuable information to customers/ distributors/ state holders
• Develop the policies, methods and standards for determining physical and cloud security
• Perform regular backups for databases and important computer files
• Analyze the effectiveness of current security systems and make suggestions for improvement when necessary
• Collaborate with team members to develop an action plan for system development and implementation.
• Adhere to company and legal regulations regarding security concerns and safe work environment.
Requirement
• Hands on experience on cyber security products including NGFW, EPP/EDR, Vulnerability Management, Vulnerability Scanners, and SIEM/SOAR
• Hands on experience on securing ICT infrastructure components such as operating system, database servers, network appliances, cloud environment
• Good knowledge of technical information security knowledge such as, penetration testing, vulnerability assessments, and threat modeling.
• Good knowledge of information security standards/frameworks such as CIS Controls, ISO 27001/2, NIST Cybersecurity Framework.
• Degree in computer science or a technology-related field
• Professional information security certification such as CISSP, CISA, GCIH, OCSP
• 3+ years of industry experience.
• Ability to thrive under pressure.
• Consistently positive attitude
• Multitasker
• Excellent time management skills.