Information System Security Analyst

Location Ho Chi Minh
Industry Technology
Job reference 17102
Job type Permanent
Consultant email vi.luong@manpower.com.vn
Date posted Nov 21, 2024
Essential Job Functions:

This position is responsible for implementing the security function within the Global IT security program.
  • Perform formal risk analysis and security design review, ensuring appropriate policies and standards are applied to projects consistent with risk appetite and regulatory/legal requirements for various Business and Information Technology systems and processes.
  • Manage/coordinate remediation efforts after security assessment findings outline weaknesses requiring attention.
  • Collaborate on on-prem, managed services and cloud security strategy and resilient enterprise-grade cloud processes in tandem with security and system engineers and contribute to Cloud security roadmap.
  • Using technical skills, industry, and security knowledge, identify risks, mitigations, and (working with Information Security Leadership) prepare relevant information to present residual risks to the global IT team.
  • Knowledge and experience in implementing vulnerability management assessment tools(Rapid 7)
  • Experience in implementing MDR tools(Rapid 7)
  • Plan, coordinate and work with SOC and global teams on threat mitigation activities
  • Plan, coordinate, and execute Information Security projects.
  • Create process flows to better define, measure, improve, analyze, and control security and privacy processes.
  • Prepare, maintain, and update security processes, procedures, and standards, including Information Security Governance engagement model and design templates, company notifications, and alerts in support of the Information Technology department.
  • Working with the threat modeling (TM) lead in Security Architecture to integrate TM tools into the Security Design Review Process.
  • Review Vendor software/hardware and Third-Party information security integration controls/risks and document gaps and issues for action.
  • Attend regular technical project and implementation meetings and serve as the security consultant to help guide secure application and infrastructure configurations.
  • Document, formulate, and enforce areas of security improvement that balance risk with business operations and do not diminish efficiencies or innovation.
  • Conduct design reviews of MS Azure services and other new cloud services affecting public, private, or hybrid cloud infrastructures, risk rank results, and present to security leadership.
  • Assist in maintaining strong oversight with cloud computing vendors and solution providers to safeguard against undue risk presented by external entities. Escalate to IT management and business unit leads when points of weakness are discovered.

Relationships:
  • Reports to the IT Director of Japan
  • Works closely with Global IT Office, Global IT team members, business leaders, and employees
 

Knowledge & Experience:
  • Minimum of 5 years of experience in the cybersecurity field covering a wide area of technologies and security domains with knowledge in Governance, Risk and Control methodologies.
  • Bachelor’s degree or higher – preferably in Computer Science, Engineering, or a related scientific field.
  • Knowledge in IS security tools and applications such as Splunk, Zscaler, Qualys and Cisco Firewalls is required.
  • Experience in working with SOC vendors and global teams
  • Strong knowledge in Windows Operating system, AD, Databases and Network is mandatory.
  • Experience in the Flavors and Fragrance Industry or Chemical manufacturing industry is a plus.
  • CISSP, CISA, CISM, or other security/control certifications are a plus.

Personal Attributes:
 
  • Must be able to read, write and speak English fluently on a level needed to interact with other employees, as needed in the performance of work duties
  • Must be able to work within a team and independently & communicate regularly with the team: the status of active projects, open issues, and decisions that need to be made.
  • Experience working in a team-oriented, collaborative environment.
  • The ability to manage projects, and prioritize and execute tasks.
  • Knowledge of system and software quality assurance best practices and methodologies.
  • Self-motivated and directed, with keen attention to detail and strong customer-service orientation.
  • Ability to conduct research into application issues and products.