Senior Analyst - Cyber Security

Position Summary

As a member of the Cyber Risk, Security & Architecture team, the Senior Analyst - Cyber Risk & Security is responsible for protecting GEG's information assets. He/she will work under the supervision and guidance from the Manager to provide support to the development, management and implementation of corporate-wide information security controls.

Primary Responsibility

> Contribute the team working as the cyber security “Subject Matter Expert” for GEG by conducting following tasks on rotation basis:
> Conduct basic reviews on IS&T projects and initiatives.
> Review and assess the effectiveness of security measures applied. Recommend and develop security measures to protect information against unauthorized modification or loss.
> Review and test cyber security controls for different layers including data, applications, operating systems, and network devices.
> Drive the resolution of cyber security issues within agreed timeline
> Coordinating the security incident management process with different IS&T teams and business users.
> Coordinate the vulnerability management and patch management process among IS&T teams.
> Enhance and improve the security applications and associated solutions including SIEM, IDS/IPS, Web Security Gateways, Email Security Gateways, End-Point Security, APT solutions, Web Application Firewalls, Vulnerability Management Systems, Privileged ID management system, Security Threat hunting and analysis, etc.
> Assist in implementing cyber security projects

Requirements

Bachelor's degree in computer science, computer engineering, systems analysis, or a related study, or equivalent experience.
3 or more years of experience in not less than one IT discipline including, but not limited to application support, application development, data analysis, servers and storage, networking, middleware, database management, IT operations, etc.
Strong technical skills in Windows and basic Linux security
Experience in either Windows or Linux shell scripting would be an advantage
Ability to write simple regular expressions
Excellent written and verbal communication skills with a good ability to communicate in English.
Strong time management, planning and organizational skills.
Strong interpersonal skills, including teamwork, facilitation and negotiation.
Strong analytical and technical skills.
Good ability to translate business needs into technical requirements.
Good problem solving skills.
Good customer service skills.
Assertive, and basic ability to tactfully and positively manage and maintain business relationships.
Good skills to work independently and deliver task as planned.
Basic skills and knowledge in building or managing cyber security controls.
Basic skills and knowledge in cyber risk identification and treatment
Skills and experience in computer forencis would be advantageous.
Security related certifications from ISC2, EC-Council, CompTia+, SANS, Offensive Security, etc. would be beneficial