IT Security Operation responsible to plan, organize and manage overall related IT security for the day-to-day operations of Information Technology to ensure the Client security standard has been settle for production environment. This includes developing, supporting and optimizing key functional areas, particularly define the proper security standard and validate the configuration for end point, system, network and server. IT Security Operation will also schedule and provide direct activities to resolve any security breach on hardware and software for both clients and servers in a timely and accurate fashion.
Oversee the global policies and procedures, work across peer group inside and outside IT to drive security policy, awareness as well as control and manage the IT policy and procedure. Review, assessment, maintains and updates key data points relevant to CIP, SCCM and IT audit tasks. IT Security Operation will be provide an overall governance and service management of the security operation services e.g. ensure metrics are defined and generated to measure and report on service effectiveness and appropriate policies and standards are authored and maintained. IT Security Operation will also augment IT security strengths by engaging with partner, outsourcing partners for non-critical areas of information protection.
IT Security Operation developing key component of IT security, security strategy and best practice for execution to Client users, customers and partners by leveraging CIP technology platform. Provide excellent client service while evaluating the type and severity of security events by making use of packet analyses, and an in-depth understanding of exploits and vulnerabilities. Proactive system security monitor, identify trend and resolve issues by taking the appropriate corrective action or following the appropriate escalation procedures.
Leads the design, implement, development of various security solutions to support technology and business needs.
Research, evaluate, recommend and administrate systems follow information protection procedures to ensure the protection of information processed, stored or transmitted.
Identifies security risks and exposures, determines the causes of complex security violations at the highest technical level and suggests procedures to halt future incidents. Provide virus monitoring and crisis management.
Provides assistance to system users relative to information systems security matters.
Manage and maintain deployment tools and generate package.
Assist with CIP reviews, analyze and follow up CIP and Operations assigned tasks
Collaborate and assist other IT member and business with Security and Operations related matters.
Handling security related projects improvement by assessing system environment, evaluating technology trends and anticipating requirement
Collaborate and assist CIP physical site assessment and evaluation on ad-hoc or monthly basis
Reporting security violations, response, manage and resolve CIP incident
Maintain and provide a collated cross-service view including provide a single or holistic view of a security threat utilizing input from multiple monitoring and response services and tools
Bachelor’s Degree in Computer Engineer, Computer Science or other related fields.
Minimum 3 years experience in IT
In depth understanding of core security monitoring and response services – process, technology and governance – including attack detection, vulnerability management, security incident management and threat intelligence
Solid in security service governance and management e.g. definition of policies, standards, procedures, and metrics to measure and report on service effectiveness and performance
Good security incident response – ability to assessment and verify security events, and direct and execute containment actions
Focused on delivering good customer service – responding to requests within required timeframes, proactively providing regular updates, driving rapid resolution of requests
Proven and delivering continuous service improvement and IT governance experience
Good understanding in common security management standards/frameworks such as ISO27001 and PCI-DSS
Experience in conducting risk assessment activities, security analysis and incident response review and reporting
Multitasking in a fast paced environment and working effectively with a variety of stakeholders from different technology and business teams
Proven ability to planning, prioritize, time and task management in multiple assignments, often within limited time constraints
Enthusiastic with a drive to continue learning and developing new skills
Project and stakeholder management or management of multiple information technology projects.
Skills in managing multiple systems in a complex environment