Security Analyst

Responsibilities :

• Work with system owners in APAC to ensure CISO KPIs are met
• Coordinate with system owners and update status of non-conformance and their respective remediation plans
• Maintain the list of assets and inventory for each unit/group company
• Assist with security categorization and impact analysis taking into account industry and country regulations
• Coordinate with respective stakeholders for regular Security Risk Assessment
• Assist on the implementation of appropriate controls
• Update progress of each unit/group company on the Security Risk Assessment
• Work our remediation plan with unit/group company and follow up on remedial action
• Update status of vulnerabilities found, remedial action taken and the respective planned closure dates
• Work with system owners, functional departments and business units to maintain information management systems and compliance
• Onsite representative in FTH and FVL for incident response and handling

Qualifications:

• Excellent business awareness and solid analytical skills.
• Excellent interpersonal and leadership skills.
• Ability to execute and multi-task and prioritize with great attention to detail.
• Proficient in leading team and individual efforts.
• Excellent communication skills and documentation skills.
• Excellent client liaison and facilitation skills-ability to collaborate well.
• Experience working in a multi-national company with teams distributed across various time zones.
• Demonstrate a strong understanding of the corporate environment, as well as the key business and technology drivers.
• Maintain performance when under pressure and manage time effectively through the application of organisational and planning skills.
• Excellent team management skills.
• Comfortable communicating at all management levels, including C level.
• Can quickly establish credibility with internal and external teams.

Mandatory Qualifications:

• ITIL Foundations certificate, CISSP, CISM.
• Extensive experience in developing and operating Information Security Management Systems (ISMS) which are compliant with industry standards, including ISM, PSPF, ISO/IEC 27001, SOC2 and/or National Institute of Standards and Technology (NIST).
• Experience as a subject matter expert in cyber security information management, information privacy management, security management liaison and security risk reviews.
• 4+ years’ experience in Cyber Security and governance management.
• 4+ years’ experience leading teams of technical /specialist resources in the delivery of cyber security projects and/or delivery of managed security services.
• Understanding of risk management related products
• Exposure to, and understanding of the role of, key information security standards: NIST, NSCS ISM, PSPF, ISO 27001+ ISO 27002, and other equivalents.
• Excellent written and verbal communication skills, including presentations to senior management/board level, ad-hoc client reports, and preparation of bid collateral.