Senior Cybersecurity Analyst

CAH Global Business Center Sdn Bhd, Wisma Consplant 1

• Monitor, evaluate and assess Columbia Asia’s IT Security controls, policies, setup, and configuration for compliance.
• Managing cybersecurity alerts or threats by performing profound threat analysis.

• Monitoring Security Operations Center (SOC) alerts closely for any security issues.
• Ensuring all tickets raised by SOC and CA internal IT Security ticket are responded and closed within committed service level.
• Performing cyber threat analysis and investigation on any potential security breaches and other related cybersecurity incidents.
• Perform and manage vulnerability assessments on various scanning tools and ensuring all major alerts are remediated.
• Evaluate and score IT Security assessment feedbacks from internal/external parties.
• Review implementation design of all new and existing projects/applications and follow through with remediations.
• Evaluate and assess cloud application security across various setup and instances.
• Managing and monitoring Endpoint Detection & Response (EDR) tool in terms of endpoint compliance, alerts response, and policy configurations.
• Ensuring endpoint devices (workstation/servers) compliance in terms of security and critical patches involving operating systems, standard/custom applications, and hardware firmware.
• Participate actively in penetrations and vulnerabilities assessment exercise performed by external vendors.
• Actively monitor and evaluate compliance of all IT Security tools configurations and policies.
• Perform IT Security awareness training on scheduled basis to all CA community.
• Broadcast relevant IT Security Bulletins and alerts to all members of CA on active threats and best practices.
• Hands on experience in the field of DevSecOps and integrating security component into every part of Software Development Lifecycle (SDLC).
• Evaluation of IT Security compliance into onboarding of new facility or services.
• Engage in ‘ethical hacking’, for example, simulating security breaches.
• Maintain an information security risk register and assist with internal and external audits relating to information security.

• Possess strong interpersonal, analytical and rationalizing skills.
• Sound knowledge of computer systems and competent in Microsoft Office software.
• Resourceful, independent, assertive, result-oriented, disciplined and a team player.
• Willing to travel overseas.
• Possess own transportation.

• Proven work experience as Information Security Analyst or similar role.
• Knowledgeable in AD, Azure Hybrid platforms and various other public/private cloud architecture.
• Added advantage with experience in healthcare industry related security best practices.
• Specialize in hardening of network, IT infrastructure and cloud app security (including API gateway security).
• Knowledgeable in Kubernetes (container orchestration system) architecture.
• Proficient with Windows, Linux, and other OS.
• Proficient in Microsoft Office Suite or related software.
• Experienced with penetration testing and techniques.
• Ability to identify and mitigate network vulnerabilities.

Be careful - Don’t provide your bank or credit card details when applying for jobs. Don't transfer any money or complete suspicious online surveys. If you see something suspicious, report this job ad.