Senior Cyber Security
Hexamatics Servcomm Sdn Bhd
Selangor, MY
4 hari yang lepas
source :

Job Brief :

You are responsible to govern all information security related policies, conduct risk assessment including documenting, managing, and escalating all risks pertaining to the ISMS framework, ISO 27001 implementation and certification review, conduct awareness sessions across the organization, security operations, project management, liaise with relevant authorities and stakeholders with the objective of ensuring compliance to company and regulatory policies within the values and vision of to enhance IT security in.

This role is a non-managerial role that requires the ability to cover a broad portfolio of network security.

Job Responsibilities :

  • To manage and maintain all relevant documentation pertaining to the Information Security policy
  • To ensure that approved policy document is communicated to organization wide
  • Responsible for training and awareness of information security policy
  • Responsible for enforcing policy requirements and coordinating activities to ensure policy requirements are implemented
  • Oversee & assist incident response execution including investigation of security breaches, and assist with disciplinary and legal matters associated with breaches as necessary
  • Information protection responsibilities will include network security architecture, network access and monitoring policies, employee education and awareness, and more.
  • Responsible and manage Information security risk and vulnerability management
  • Responsible to assist ISO for ensuring independent incident investigation and coordinate incident response activities with the necessary stakeholders
  • Administrates security tools and devices and ensures that they are functioning as required
  • Secures an information technology infrastructure that provides reliable, measurable, consistent, responsive and secure enterprise network services.
  • Projects & Operations)

  • Concentrates on the network design and security, particularly troubleshooting and / or debugging network security related problems and enhancement of design
  • Develop plans to deters and prevent cybercrime from identity and data theft, hacking and invasion of privacy.
  • Guards vital information systems vigilantly to fight cybercrime.
  • Participates in investigations by providing all required data to incident response process leaders and follow up on logging reports with platform owners and the submission of related logs and reports
  • Performs approved device tuning and filtering to increase security tool effectiveness
  • Facilitate and coordinate all approved InfoSec initiatives in Operations (production IS / IT systems & network) and execute approved InfoSec projects with vendors and DiGi project teams
  • Take ownership and assist ISO in all security issues / breach related to Internal & External network, Telco and Mobile and internal Wireless infrastructure security and ensure all current and new deployment, changes and upgrade comply to existing SOPP
  • Involve in new infrastructure planning and deployment that need operations readiness involvement which involved regular meetings and discussion, project plan and deliverables
  • Job Requirements :

  • Minimum degree in Information Security / Information Systems / Computer Science / Telecommunications
  • 6 to 8 years of working experience in the field of Information Security & Risk management in Telecommunications.
  • Strong working experience in risk management, especially with complex / telecommunications systems
  • Certification of Cyber Security, Forensic and Incident Response is a plus (CISSP, ECSA, GISP, GCIH, GCFE, GCFA)
  • Good understanding of Information Security standards and best practices ie GRC,ISO / IEC27001 (ISMS), PDPA,PCIDSS, ISF Standard of Good Practice, Cobit, ITIL, etc
  • Must have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
  • Must have a solid understanding of information technology and information security preferably in wireless mobile communications system
  • Overall understandings of network / infrastructure security, security awareness & Privacy compliance.
  • Project management experience would be an added advantage
  • Incident handling and good exposure in solution architecture design is an added advantage
  • Scripting and programming experience
  • Penetration testing experience of systems, web-based applications and networks
  • Strong technical skills in both information security architecture and penetration testing, Infrastructure and Network Security
  • An understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts
  • Experience of using problem solving techniques and threat reporting and developing solutions to meet vulnerability threats
  • Strong technical knowledge on system security on operating system (e.g.
  • Unix, Mainframe, Windows), database (e.g.

    MS-SQL, Oracle, etc).

  • Understanding of enterprise security architecture and information / cyber security concepts for global banking and financial institutions
  • Good communication skills & interpersonal skill
  • Strong initiative & self-start ability with good professional attitude
  • Strong analytical and documentation skills
  • Self motivated, independent and initiator mindset
  • Not afraid to lead and work with demanding stakeholders
  • Memohon
    Tambah ke kegemaran
    Alih keluar dari kegemaran
    E-mel saya
    Dengan mengklik pada "Seterusnya", saya memberikan persetujuan neuvoo untuk memproses data saya dan menghantar saya amaran e-mel, seperti yang terperinci dalam # Privacy Policy neuvoo . Saya boleh menarik balik persetujuan saya atau berhenti berlangganan pada bila-bila masa.
    Borang permohonan