Security Analyst

The Company
Our client is a multi-national information technology company with its headquarters in Singapore.
It is also the largest Systems Integrator domestically.

**The Project**:
This project consists of multiple teams deployed within Cybersecurity Operations Command Centre delivering mission critical 24x7 threat monitoring, prevention, analysis, intelligence to high-valued clients.

**Scope of Work**:

- Perform 24 x 7 Level 1 support on the following from the provided procedure and after trained by ITSO/ITSM.
- Daily Check/Schedule of weekly automated/ad-hoc MVMS vulnerability scan of servers and network routers/switches status & perform L1 SOP. troubleshooting and re-activation/re-scheduling of scanning if fail.
- Escalate issue to NCS Security Engineer for follow-up for severity 1, 2, 3 security vulnerabilities.
- Conduct daily tracking of patch management activities from initial reporting of vulnerabilities / availabilities of patches to successful remediation for servers and network routers/switches.
- Leverage on Splunk Apps to monitor, track and escalate to all Apps, FM, Apps PM contractors, Apps PM for all outstanding vulnerabilities listed in VA scan / Audit compliance scan / other vulnerabilities defined by MHQ/ICA security team that have not been remediated.
- Ongoing maintenance of MVMS asset inventory management for onboarding of new target systems and offboarding of existing targets systems to be scanned by MVMS.
- Track the quarterly CIO forum patching status report via Splunk apps
- Conduct monthly/ad-hoc compliance audit scan for servers and routers/switches.
- Escalate issue to NCS Security Engineer for follow-up for severity 1, 2, 3 security configuration compliance.
- Leverage on Splunk Apps to monitor, track and escalate to all Apps, FM, Apps PM contractors, Apps PM for all outstanding vulnerabilities listed in Audit compliance scan.
- Conduct ad-hoc Malware IOC scan of servers upon emerging threat.
- Rotational shifts: 1st Shift (08:00 - 20:00 Hrs) & 2nd Shift (20:00 - 08:00 hrs)

**Requirements**:

- Minimum Diploma grad with module in IT or Cyber Security
- Preferably with experience in one or more of the following areas:

- Management of IDS/IPS, firewall systems.
- Vulnerability Assessment, penetrating testing & risk assessment using various scanning and penetration testing tools
- Unix, WIN2K, NT and web server security such as OS tightening, SSO and virus scanning
- General Working knowledge of Information Security concepts
- Possess adequate understanding of Layer 1-7 Networking Concepts - Good communication skills (verbally, reading & in writing)
- Ability to follow predefined procedures, policies & processes, work under pressure;
- Willingness to work in shifts
- Advantages for those in Possession of security Analyst certification eg Certified Ethical Hacker (CEH), Certified Security Analyst (ECSA) or Computer Hacking Forensic Investigator (CHFI) will be advantageous but not mandatory.

**Benefits**:

- End of contract bonus