Security Analyst

At Toku, we create bespoke cloud communications and customer engagement solutions to reimagine customer experiences for enterprises. We provide an end-to-end approach to help businesses overcome the complexity of digital transformation in APAC markets and enhance their CX with mission-critical cloud communication solutions. Toku combines local strategic consulting expertise, bespoke technology, regional in-country infrastructure, connectivity and global reach to serve the diverse needs of enterprises operating regionally.

As we continue creating momentum for our products in the APAC region and helping customers with their communications needs, we are seeking a Security Analyst to be a trusted consultant and advisor on all matters relating to threat detection, alerts monitoring, and incident response. Reporting to our Information Security Manager, you will be a key point of contact both on in-house initiatives at Toku and consultatively for specific client projects. You will have ownership on identifying, diagnosing, solutioning, escalating, documenting and reporting incidents and threats, performing risk assessments and working towards improving and optimising systems and procedures.

This role offers broad exposure over a number of information security aspects, with potential growth paths towards GRC, InfoSec, Cybersecurity and more. In addition, you be part of a new and growing security function at Toku, and will be highly visible across stakeholders and teams, liaising regularly with senior architecture, development, cybersecurity and network stakeholders both in-house and externally. Join us as we strengthen our security posture, inspire a culture of compliance, and drive our organization towards a secure and resilient future.

Want to be part of our journey?

**What would you be doing?**
- Identify and evaluate existing security risks, both in-house and on client projects, and implement enhancements.
- Review and respond to alarms/tickets, taking action to prioritise, resolve / escalate, log and report to internal and external stakeholders according to best practices. From here, perform and document risk assessment reports.
- Attend client site meeting periodically, answering clients’ risk management and security questions and addressing / reporting security concerns.
- Review security incident and event logs, and monitor threat intelligence feeds, optimising and contributing to ongoing threat intelligence.
- Collaboratively work with security vendors for incident response and alerts monitoring.
- Analyse, and report compliance against security controls, identifying areas for improvement in data collection, assurance processes, and security procedures.
- Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation.
- In addition to monitoring and threat detection, proactively assist / manage various in-house security projects and initiatives and provide guidance on security matters for other projects.
- Ensuring audit trails, system logs and other monitoring data sources are reviewed periodically and follow and adhere to regulatory policies.
- Stay up to date on latest security trends and standards, conduct research on security improvements and provide recommendations to clients and stakeholders.

**We would love to hear from you if you have**:

- A degree in a reputable university.
- At least 3-5 years of relevant work experience in IT information security analysis, governance, risk, and compliance.
- Working knowledge of Security Information & Event Management (SIEM) systems, Vulnerability Management, and Patch Management
- Experience in monitoring, tracking, and troubleshooting user activity logs using AWS CloudWatch and CloudTrail.
- Experience in scripting languages like Python, Powershell, Bash and SQLs.
- Knowledge of networks, firewalls, proxies, intrusion detection/prevention systems, concepts, and technologies, ideally with knowledge of EC2 incidences, GuardDuty or similar, and actions using AWS Lambda
- 3+ years of endpoint administration or support experience with Linux and Windows devices
- Experience with intrusion/manipulation techniques, and standard methodologies for Linux system hardening and process isolation.
- Prior experience in incident response and threat hunting
- Knowledge of DevSecOps principles and practices
- Professional information security certifications such as CISSP, CompTIA Security+, AWS Security Certifications, or equivalent are a bonus for this role.
- Confidence in presenting, with strong verbal and written business communication skills, and the ability to educate a non-technical audience about various security measures.
- Excellent analytical skills and attention to detail.

**What would you get?**
- Flexible working locations
- Training and Development
- Discretionary Yearly Bonus & Salary Review
- Healthcare Coverage based on location.
- 20 days Paid Annual Leave (excluding Bank holidays)

**If