Senior/associate engineer (cyber security)

People Profilers Headhunting, Recruitment, Career Transition, Employer of Record, Payroll Parking, Executive Search, Employment & Work Pass Application. Responsibilities: Review and development of security framework, information security policies, processes/procedures and guidelines on an ongoing basis. Work with vendor to conduct security assessments and penetration tests. Identify security gaps, perform threat risk assessments in current setup and propose mitigating measures. Mitigate and contain threats when detected. Escalate security incidents and non-compliances on a timely basis. Work with IT infrastructure team to evaluate, implement and enhance the network perimeter security, endpoint security, SIEM, secured remote access, MFA, Identity Access Management and Privileged Access Management. Monitor information security alerts, triage, mitigate, and escalate issues as needed. Provide security advisory to end users on a regular basis. IT Security Management of various aspects, e.g. network security, server security, application security, endpoint security, email security, physical access security, logical access security, etc. Keep abreast of industrial IT security advancements and introduce appropriate security enhancements to IT infrastructure and systems. Attend to any other reasonable duties as assigned by the Senior Cyber Security & IT Governance Manager and IT Director. Requirements: Degree in engineering, science or information technology, or equivalent education with 3-5 years of related work experience in cybersecurity management and security governance. Candidates with additional experience will be considered for the Senior Cyber Security Analyst position. Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit/log review), technical vulnerability management (vulnerability assessment, penetration testing), application security, security technologies (system hardening, IDS/IPD, firewall), security incident response and security assessment. Strong understanding of ISO27001 standard. Hands-on experience with at least 4 of the following IT Security Tools: Next Generation Firewall (e.g., Forti Gate, Palo Alto, Cisco Fire Power) SASE (Zscaler, Netskope, Skyhigh) Tenable Security Center Continuous View Endpoint Protection (e.g., Symantec, Trend Micro, Sophos Endpoint) Email Security (e.g., Mimecast, Proof Point, Cisco Email Security) Data Loss Prevention (e.g., Symantec, Force Point, Digital Guardian) SIEM (e.g., Splunk, QRadar) Cyber Ark PAM and IAM Understand Risk Management, Disaster Recovery, Business Continuity and IT Regulatory Compliance. Good command of written and spoken English, excellent interpersonal and communication skills. Pro-active, independent, resourceful, able to work in a team environment and work independently with minimal supervision. Work well with all functional levels in the organization. CISSP, CISM, CISA or equivalent IT security certifications will be advantageous. Prior IT security consulting and/or IT Network experience will be advantageous. All Successful candidates can expect a very competitive remuneration package and a comprehensive range of benefits. We regret that only shortlisted candidates will be notified. #J-18808-Ljbffr