IT Security Analyst - Banking

• Manage and attend to Security Operation Center (SOC) alert to ensure continuous capability for security event monitoring, detection, response and recovery
• Coordinate/participate in periodic Vulnerability Assessment and Penetration Test performed by vendor and ensure highlighted vulnerabilities is tracked and remediated as per timeline stated in VAPT and Patch Management policy
• Collect and analyze threat intelligence feeds from various sources to identify potential cyber threat and risk while taking the appropriate action based on shared IOC’s
• Assist in performing IT Security risk assessment in accordance with regulatory requirements and industry best practice
• Lead and assist in preparation of IT Security and compliance report
• Partners with IT Managers and other members to ensure risk and compliance issues are identified, defined, communicated and address in timely manner
• Develop, administer IT Security policies, procedure, guidelines and standard
• Work closely with CISO Office to provide IT Security /Cyber Security advisory
• Plan and coordinate IT Security projects and initiatives
• Assist and participate in internal/external IT Audit engagement related to Information Security, monitor and track audit progress
• Provide IT Security /Cyber Security advisory and best practice to other stake holders
• Act and keep track on the identified Key Risk Indicator (KRI) established by internal stakeholders or regulatory

• Candidate must possess at least a professional certificate / Diploma / Degree in Computer Science / Information Technology or equivalent.
• Professional certificates in IT Security / Cyber Security will be an added advantages
• Minimum 5 years working experience in IT Security / Cyber Security fields
• Experience in the financial sector will be an added advantages
• Good interpersonal skill and able to interact with users at all levels
• Able to work independently with minimum supervision
• Experience and strong knowledge in Information Security technologies and controls (FW/IPS/WAF SIEM, VAPT, End Point Protection, DLP, Privilege Access Management)
• Sound knowledge and good understanding on BNM RMiT and other regulatory guideline