IT Security Consultant - Kuala Lumpur, Malaysia - CGI

Description

Position Description:

Job Purpose
This role is responsible to manage information risk, to ensure compliance of Security Standards practised by the services/organization and to provide security support on application, projects and to prevent the unintentional, unlawful, or unauthorized disclosure, alteration, or destruction of IT resources.

Your future duties and responsibilities:

KEY RESPONSIBILITIES:

• Responsible to manage operational IT Security for a high availability financial service and work on the reporting & improvement as well as facilitate in audits and trainings.

• To drive Analysis & handling of security vulnerabilities & incidents.

• Establish, maintain and review compliance with Operational Security processes and procedures periodically and to ensure these are met and monitored.

• Establish, maintain and review strict access control to information and IT systems according to business needs and access policies.

• Perform Access Management activities (grant, change and revoke access privileges).

• Establish and maintain an environment that complies with the Payment Card Industry Standards & Requirements, the Information Security Management Framework and other applicable security standards and Baselines.

• Monitor and manage security controls (system settings, logs, alerts, audit trails, attempts, violations, faulty logons, lockouts, etc.)

• To work closely with clients/ application/ infrastructure owners in applying and implementing the new security changes/solutions (e.g, protection concept, security specifications, architecture and design, security assessment).

• Exposure and to work on Security Operation Center (SOC) Tools, maintenance and operations support.

Preferred Skills:

•Knowledge/ Exposure on Baseline controls a.k.a environmental controls, application generic control, Third Party Access controls and Legal and Regulatory controls

•Understanding and exposure working with External auditors on ISAE , PCI-DSS compliance and other mandatory standards, health and safety, ISO/IEC :, : and :

•Maintaining mandatory standards, health and safety, ISO/IEC :, : and :

•Self-starter who can work autonomously and independently and willing to learn and explore compliance and IT security.

•Good written and verbal communications, and ability to productively interact across internal/external stakeholders, auditors and functions.

•Broad understanding of security technology, IT security Standards and compliance.

Required qualifications to be successful in this role:

•You have a university degree, followed by depth experience in the field of Governance or Compliance with focus on IT security.

•Overall 2 - 5 years working experience in IT industry with at least 2 years' experience in IT Security & Compliance.

•Self-motivated and able to work independently as well as a team player.

•Good to have:
-Cards and Payment domain knowledge, Exposure or understanding on PCI DSS, PCI PA-DSS, Security Industry standards, IT Security and Assurance, TIA Knowledge/ practice, Infrastructure Security Knowledge/ Practice, Multiple OS and AD Knowledge practice and SIEM Knowledge / Practice.
-Experience in an IT operations-related field such as IT Security, IT Admin, Disaster Recovery or Maintenance of SOC tools.

Skills: