全职 Security Lead / Head 工作, 薪水 up to MYR 16,000, Altecflex WP Kuala Lumpur 公司招聘中 - Ricebowl

Specialise in IT Systems/Infrastructure Security; implement and monitor security measures for the protection of computer systems, networks, and information to ensure that all IT related security components are implemented in accordance with the compliance against organisation’s Information Security Policy and Management Standards, and other Statutory, Legal or Regulatory compliance requirements.

Oversee all day-to-day IT security incidents/administration/health check on current servers and network infrastructure security controls. Identify IT risks, threats, and vulnerabilities in the company’s technology infrastructure. Analyse and report computer network/servers/application security breaches or attempted breaches. Investigate security incidents, updates, and documents security control, perform risk assessments, take appropriate action to minimize harm and make recommendations to corrective action. Maintain incident documentation, participate in post-mortems, and write incident reports.

Establish and maintains IT security related policies, procedures, and guidelines. Perform annual reviews of the security related guidelines and control to ensure the efficiency and effectiveness of the Information Security controls and recommend improvements wherever is necessary. Develop comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.

Coordinate with internal, external audit and IT teams to during audits and provide the requested information on a timely basis and update the status of audit findings and remediations to IT management.

Drive continuous process improvement to all security functions utilizing KPIs and key metrics.

Advise on security operational controls to systems or applications during the design and implementation of new systema or technology.

Perform vulnerability and penetration testing management program, reporting with risk priorities, remediation and recommending appropriate solutions.

Responsible to manage and report to Management on any Cyber Security issues, statistical fault reports and status on weekly and monthly basis.

Participate in Business Continuity and Disaster recovery simulations including infrastructure, security readiness and checklists.

Provide periodic updates on cyber security activities, audits and briefing to Management and staff.

Diploma / Degree in Information Technology or equivalent.

5-10 years’ experience in either IT Security Technologies, IT General Control and IT Processes and Governance.

At least 3-5 years’ experience managing teams of IT security engineers or support staff.

Possess hands-on technical experience in setup/implementation/managing IT security related solution/system, including network security monitoring, NAC, L2/L3 firewalls, routing, switching, IDS/IPS, Proxy, WAF, VLAN, VPN Technology, Endpoint Detection and Response Solution, Backup Solution, Event Management (SIEM) Technologies, Content Filtering, Vulnerability Scans & Management, Encryption Technology, DHCP, DNS, HTTP, SSL, SSH, LDAP, IPSEC, etc.

Knowledge of ISO27001, NIST Security Framework, local regulator guidelines and requirement and other IT Security governance and controls.

Security Operations Centre (SOC) and Privileged Access Management (PAM) solutions knowledge would be an added advantage.

Certified in Information Security Management System (ISMS) or professional security certification such as CISSP, CISM, CompTIA Security etc. would be an added advantage.

ITILV4 Foundation and/or experience in Incident, Problem, Change and Configuration management would be an added advantage.

Exceptional communication, problem solving and cross-group collaboration skills.

Excellent command of written and spoken English.

Ability to present technical concepts in business-friendly and user-friendly language.

Self-starter with a positive work attitude and be able to work independently.

Strong team player with ability to work in a team and as individual contributor.

Ability to work on own initiative with minimal supervision, excellent time management, priorities and organisational skills to work on multi-tasks with high sense of urgency and tight deadlines.