Security Analyst

Responsibilities

• Have an understanding of common cyber-threats, penetration/intrusion techniques and attack vectors.
• Supporting endpoint security solutions, such as McAfee, Symantec, Carbon Black, FireEye HX etc.
• Have an understanding of the following OS platform like Windows Server 2012 & 2016, Windows 7 & 10, macOS, iOS, UNIX, Linux, etc.)
• Windows virtualization-based security capabilities, such as Device Guard, Credential Guard, or Application Guard.
• Utilizing cybersecurity industry standards such as CIS or NIST to develop secure standards for Windows, macOS, iOS, and/or Office 365.
• Understanding of CVSS, CVE, CWE, CPE, CCE, CWE, OVAL, SCAP and/or other standards.
• Knowledge in SIEM solutions (Splunk, QRadar, ArcSight, AlienVault, etc.) to search system logs for troubleshooting or security investigation purposes.
• Knowledge in Microsoft Azure, Amazon AWS or Office 365.
• Candidate will also participate in deployment and maintenance of enterprise security documents (policies, standards, guidelines, and procedures) under the guide of the IT Security Manager.
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors regarding Endpoint platforms (including Windows 10, macOS, and iOS devices).
• Maintain up-to-date security baselines for the secure configuration and operation of security tools and endpoint devices in use within the organization, with a primary focus on Windows OS and Linux.
• Monitor all in-place security solutions for efficient and appropriate operations.
• Assist with the implementation, support, and maintenance of endpoint security solutions, including antivirus, Endpoint Detection and Response (EDR), hostbased firewalls, and other endpoint systems.
• Review logs and reports of in-place systems, with a focus on systems maintained by Information Security and endpoint systems that are maintained outside of Information Security. Interpret the implications of that activity and devise plans for appropriate resolution.
• Enhance current hardware and software with implementations of better security standards.

Requirements

• Bachelor Degree in Computer Science, Engineering, information security, related fields or equivalent experience. 
• 1-3 years thorough knowledge and experience in Information Technology.
• Professional security related qualification (e.g. CISSP, CISM, GSEC, CEH, CSX-P & etc) is an added advantage.
• Working knowledge and exposure to any SIEMS, DLP, Endpoint and other security solutions.
• Possess a good working attitude and a capacity to learn.