Security Analyst (IAM)

Main Responsibilities

• Security Monitoring and Incident Management o Working with external SOC providers in managing SIEM logs, cyber alerts, endpoint protections, email security and threat intelligence feeds. Investigate, triage and take necessary proactive measures including timely escalate to management.
• Threat and Vulnerability Management
• Conduct periodic vulnerability assessment of the IT application systems, system management, network and communication infrastructure, and security infrastructure.
• Analyse the logs of the various systems including firewalls, IDS/IPS, etc for initiating preventive and/or corrective measures.
• Continuously monitor, measure, and report security posture to management.
• Identity and Access Management (IAM)
• Ensure that processes exist for the creation, modification, access privileges and deletion of user id.
• Review access rights regularly to enforce least privilege for both users and system administrators, and segregation of duty within IT.
• Review Privileged access activities.
• User access management
• Security Technology Administration
• Work with external consultants or IT security service providers as appropriate for security audit and solution.
• Maintain and operate security tools such as firewalls, EDR, WAF, Proxy, email security, DLP, IPS, VPN, NAC, etc.
• Perform health checks, updates and configuration reviews of security systems.
• Recommend and implement security solutions to enhance resilience and compliance.
• Security Baseline and Hardening
• Enforce security configuration baselines for servers, network & security devices, databases, endpoints, and cloud resources.
• Review and update baseline configurations periodically.
• Security Compliance and Audit Support
• Support security-related audits and regulatory activities.
• Prepare documentation and evidence to demonstrate compliance with RMiT and internal policies.
• Assist in drafting and updating security SOPs and guidelines.
• Manage the development and implementation of IT security SOP, standards, guidelines, and procedures to ensure on-going maintenance of security.
• Security Awareness
• Supporting initiatives in promoting security best practices.
• To perform other duties assigned by management.

Job Requirement

At least 5 years’ experience in IT security infrastructure (support and operations).

Additional Notes

• Qualification Minimum a Bachelor’s Degree in IT, Computer Science, Cybersecurity or equivalent. Certification
• Must possess relevant certification in Security domain, with preference on CompTIA Security+, CEH, CISM and CISSP.
• ITIL foundation will be added advantage.

Job Type: Full-time

Pay: RM8,000.00 - RM12,000.00 per month

Benefits:

• Health insurance
• Opportunities for promotion
• Professional development