Job Brief :
You are responsible to govern all information security related policies, conduct risk assessment including documenting, managing, and escalating all risks pertaining to the ISMS framework, ISO 27001 implementation and certification review, conduct awareness sessions across the organization, security operations, project management, liaise with relevant authorities and stakeholders with the objective of ensuring compliance to company and regulatory policies within the values and vision of to enhance IT security in.
This role is a non-managerial role that requires the ability to cover a broad portfolio of network security.
Job Responsibilities :
To manage and maintain all relevant documentation pertaining to the Information Security policy
To ensure that approved policy document is communicated to organization wide
Responsible for training and awareness of information security policy
Responsible for enforcing policy requirements and coordinating activities to ensure policy requirements are implemented
Oversee & assist incident response execution including investigation of security breaches, and assist with disciplinary and legal matters associated with breaches as necessary
Information protection responsibilities will include network security architecture, network access and monitoring policies, employee education and awareness, and more.
Responsible and manage Information security risk and vulnerability management
Responsible to assist ISO for ensuring independent incident investigation and coordinate incident response activities with the necessary stakeholders
Administrates security tools and devices and ensures that they are functioning as required
Secures an information technology infrastructure that provides reliable, measurable, consistent, responsive and secure enterprise network services.
Projects & Operations)
Concentrates on the network design and security, particularly troubleshooting and / or debugging network security related problems and enhancement of design
Develop plans to deters and prevent cybercrime from identity and data theft, hacking and invasion of privacy.
Guards vital information systems vigilantly to fight cybercrime.
Participates in investigations by providing all required data to incident response process leaders and follow up on logging reports with platform owners and the submission of related logs and reports
Performs approved device tuning and filtering to increase security tool effectiveness
Facilitate and coordinate all approved InfoSec initiatives in Operations (production IS / IT systems & network) and execute approved InfoSec projects with vendors and DiGi project teams
Take ownership and assist ISO in all security issues / breach related to Internal & External network, Telco and Mobile and internal Wireless infrastructure security and ensure all current and new deployment, changes and upgrade comply to existing SOPP
Involve in new infrastructure planning and deployment that need operations readiness involvement which involved regular meetings and discussion, project plan and deliverables
Job Requirements :
Minimum degree in Information Security / Information Systems / Computer Science / Telecommunications
6 to 8 years of working experience in the field of Information Security & Risk management in Telecommunications.
Strong working experience in risk management, especially with complex / telecommunications systems
Certification of Cyber Security, Forensic and Incident Response is a plus (CISSP, ECSA, GISP, GCIH, GCFE, GCFA)
Good understanding of Information Security standards and best practices ie GRC,ISO / IEC27001 (ISMS), PDPA,PCIDSS, ISF Standard of Good Practice, Cobit, ITIL, etc
Must have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
Must have a solid understanding of information technology and information security preferably in wireless mobile communications system
Overall understandings of network / infrastructure security, security awareness & Privacy compliance.
Project management experience would be an added advantage
Incident handling and good exposure in solution architecture design is an added advantage
Scripting and programming experience
Penetration testing experience of systems, web-based applications and networks
Strong technical skills in both information security architecture and penetration testing, Infrastructure and Network Security
An understanding of firewalls, proxies, SIEM, antivirus and IDPS concepts
Experience of using problem solving techniques and threat reporting and developing solutions to meet vulnerability threats
Strong technical knowledge on system security on operating system (e.g.
Unix, Mainframe, Windows), database (e.g.
MS-SQL, Oracle, etc).
Understanding of enterprise security architecture and information / cyber security concepts for global banking and financial institutions
Good communication skills & interpersonal skill
Strong initiative & self-start ability with good professional attitude
Strong analytical and documentation skills
Self motivated, independent and initiator mindset
Not afraid to lead and work with demanding stakeholders
Tambah ke kegemaran
Alih keluar dari kegemaran
Anda perlu log masuk ke akaun anda untuk menambah kerja ini kepada kegemaran anda. Klik "Teruskan" untuk log masuk atau buat akaun baru. Anda kemudian dapat mengakses kegemaran anda dari laman web kami atau dari aplikasi mudah alih neuvoo.
Tidak, terima kasih