- IT Security
- Security Operations Center
IT Security Consultant - Kuala Lumpur, Malaysia - CGI
Description
Position Description:
Job Purpose
This role is responsible to manage information risk, to ensure compliance of Security Standards practised by the services/organization and to provide security support on application, projects and to prevent the unintentional, unlawful, or unauthorized disclosure, alteration, or destruction of IT resources.
Your future duties and responsibilities:
KEY RESPONSIBILITIES:
• Responsible to manage operational IT Security for a high availability financial service and work on the reporting & improvement as well as facilitate in audits and trainings.
• To drive Analysis & handling of security vulnerabilities & incidents.
• Establish, maintain and review compliance with Operational Security processes and procedures periodically and to ensure these are met and monitored.
• Establish, maintain and review strict access control to information and IT systems according to business needs and access policies.
• Perform Access Management activities (grant, change and revoke access privileges).
• Establish and maintain an environment that complies with the Payment Card Industry Standards & Requirements, the Information Security Management Framework and other applicable security standards and Baselines.
• Monitor and manage security controls (system settings, logs, alerts, audit trails, attempts, violations, faulty logons, lockouts, etc.)
• To work closely with clients/ application/ infrastructure owners in applying and implementing the new security changes/solutions (e.g, protection concept, security specifications, architecture and design, security assessment).
• Exposure and to work on Security Operation Center (SOC) Tools, maintenance and operations support.
Preferred Skills:
•Knowledge/ Exposure on Baseline controls a.k.a environmental controls, application generic control, Third Party Access controls and Legal and Regulatory controls
•Understanding and exposure working with External auditors on ISAE , PCI-DSS compliance and other mandatory standards, health and safety, ISO/IEC :, : and :
•Maintaining mandatory standards, health and safety, ISO/IEC :, : and :
•Self-starter who can work autonomously and independently and willing to learn and explore compliance and IT security.
•Good written and verbal communications, and ability to productively interact across internal/external stakeholders, auditors and functions.
•Broad understanding of security technology, IT security Standards and compliance.
Required qualifications to be successful in this role:
•You have a university degree, followed by depth experience in the field of Governance or Compliance with focus on IT security.
•Overall 2 - 5 years working experience in IT industry with at least 2 years' experience in IT Security & Compliance.
•Self-motivated and able to work independently as well as a team player.
•Good to have:
-Cards and Payment domain knowledge, Exposure or understanding on PCI DSS, PCI PA-DSS, Security Industry standards, IT Security and Assurance, TIA Knowledge/ practice, Infrastructure Security Knowledge/ Practice, Multiple OS and AD Knowledge practice and SIEM Knowledge / Practice.
-Experience in an IT operations-related field such as IT Security, IT Admin, Disaster Recovery or Maintenance of SOC tools.
Skills: