Information Security Analyst, Cybersecurity IT @Grayson Talent
The Information Security Analyst (ISA) will be assigned the IT security administration functions and provide technical support on security-related issues. The ISA will monitor information systems for security issues, manage security incidents and administer security solutions. The incumbent will be responsible for developing appropriate measures to prevent, anticipate, detect, alert on, document and manage any security breaches within an assigned perimeter. The ISA will be responsible for working with information security experts on the implementation, tuning and monitoring of existing and new security technologies, analysing current systems for vulnerabilities, assisting with cyber incident investigations, and contributing to security policies, processes and procedures. This includes examination of how security configurations are maintained and enhancement of the assessment methodology. The ISA will also interact with the group Information Security Officer (ISO) and the Chief Security Information Officer (CISO) to ensure that the Group’s IT infrastructure is protected and resilient against cyber-risks.
- Act as the Security Operation Center Analyst (SOC Analyst) to monitor IT activities and events on SOC platform through SIEMs to verify that normal operations linked to IT security are running as per standard and to be able to detect, qualify and alert any abnormal activity.
- Perform triage and analysis of security incidents to guide containment and eradication and to ensure recovery after the incident.
- Ensure that the escalation process and response team detect and react swiftly to security incidents, subsequently close the incident management procedure as per standard, and document the lessons learned.
- Perform periodic security risk assessments, IT network infrastructure reviews, system technical configuration reviews, information security policy and process/procedure reviews, etc.
- Make recommendations to increase the level of security and resilience of our information systems, keeping all devices hardened against attacks and securing highly sensitive data.
- Manage information security incidents: monitor, liaise with the incident response service, control and communicate information security incidents to the appropriate local, group and headquarters levels, and act as the SPOC (Single Point of Contact).
- Perform information security incident investigation and conduct post-incident reviews.
- Provide periodic reporting on information security issues using monitoring/reporting tools.
- Establish a mature local security operation model to enhance existing security administration workflows and integration with other security systems (including SOC/SIEM, EPO, EDR, MDR, Nessus, drive encryption), and implement automation of security processes (such as Security Orchestration and Automation (SOAR) Playbook) in collaboration with the group.
- Assist with Group CERT alert monitoring for intrusions, attacks and hacks in collaboration with the ISO, CISO and local CERT.
- Participate in the development and execution of the strategic roadmap to improve Cyber & IT Security controls covering the data, network, system, virtualization and cloud security domains.
- Ensure that the Security Operations Centre (SOC) capability remains relevant to the scale and security of the business.
- Evaluate and analyse the threat, vulnerability, impact and risk of security issues discovered in security risk assessments and respond to them. Make recommendations with appropriate solutions to mitigate their effects. Provide support for Cyber Security Exercises.
- Assist in the development and maintenance of an integrated security program to protect the integrity, confidentiality, and availability of information systems assets.
- Scrutinise and analyse information security policies, procedures and information security practices.
- Assist in enhancing corporate security policies, standards and procedures for Cyber & IT Security functions that align to Group standards.
- Participate actively in the setting up of the IT security governance committee and the Information Security Management System (ISMS).
- Enhance the change management process to keep up with the evolving cyber threat landscape.
- Formulate technology risk management investment and expenditure. Manage the needs to improve the IT Risk Management & Security capabilities as well as to achieve cost efficiency.
- Internal control: contribute to the implementation, monitoring and analysis of information security controls, indicators and reports (internal and Group).
- Perform audits and controls on IT and security systems to ensure that patches or updates are done correctly, with proper documentation and follow-up.
- Work on IT security design and analysis, business continuity management, and ISMS assessment and implementation. Be in charge of managing all aspects of information security and business continuity.
- Business continuity plan: participate in the implementation, operational maintenance and testing of business continuity plans, such as cyber crisis exercises.
- Run the security awareness program, including leading internal training sessions related to security.
- Assist the manager in ensuring that the set IT security standards meet the business requirements.
- Perform any other cognate duties as requested by management.
- Bachelor’s Degree or Master in IT security or equivalent with a minimum of 3+ years of working experience in a similar position with equivalent security certifications (CISM, CISA, GSEC, CEH, CISSP etc.)
- Demonstrated proficiency in cybersecurity domains. Good experience in general IT security (Risk management, SOC, IAM, Data security, Cyber Crisis management, BCP…)
- Good understanding of security systems and concepts including: Firewall, IDS/IPS, EDR, SIEM, DLP, Least Privilege, Defense in Depth.
- Knowledge of and/or experience with common information security management frameworks, such as ISO 27001/2, GDPR, NIST, MITRE ATT&CK.
- Working knowledge of general industry security concepts (encryption, access control, change management, secure infrastructure, vulnerability management, etc.)
- Understand Cryptography, Key Management, SSL, TLS, S/MIME standards.
- Capable of liaising with vendors for feasibility studies, POC, sourcing, supplier selection (as per technology & group requirement) and reporting.
- Have a systematic approach to documentation, reporting and adherence to IT security procedures/policies.
- Strong written and verbal communication skills in English and French.
- Good report writing and analytical skills, detail-oriented and meticulous.
- Good understanding of IT technical constraints and understanding of enterprise architecture.
- Keep abreast of emerging industry and technology trends in relation to cyber security.
- Must be willing to constantly learn and improve.
- Ability to remain calm and follow procedures exactly in case of threats and incidents.
- Be able to work under pressure with tight deadlines.