**Job Requirement**- At least 1 Year(s) of working experience in the related field is required for this position.- Required Skill(s): OSI LAYER, TCP/IP, OWAPS, CVE- Strong understanding of network security, network architecture, protocols and related technologies.- Preferably Staff (non-management & non-supervisor) specialized in IT/Computer - Software or equivalent.- Having CEH, OSCP, CISSP or other IT related certificates is an advantage- Deep knowledge about Operating System Security and such as Windows, Linux and UNIX and Database Security with suitable security configuration- Expertise in analysis and handling of security vulnerabilities as well as experience in implementing remedial measures.- Experience in information security or network security, related to penetration testing, security analysis, Vulnerability Assessment or security management.- Experience in identifying, analyzing and responding to security incidents.- An understanding of security frameworks such as ISO 27001 or NIST.- Good skills in oral and written communication to interact effectively with various stakeholders.- Ability to work collaboratively with IT and business teams to identify and address security issues.- Strong analytical skills to analyze security threats, identify vulnerabilities and design effective security solutions.- Understanding of cloud architecture, especially in the area of cloud security.- Knowledge of CICD Pipeline, Kubernetes and several programming languages such as PHP, Golang, Java, Python, Bash is a plus.- Knowledge of Agile SSDLC (Secure Software Development Lifecycle)- Manage Infrastructure Security & Policy Implementation- Fraud & Anomaly Transaction Monitoring- Risk Management & Business Continuity Plan- PCI DSS & IT Governance Implementation- Analyze the security needs of corporate systems and networks.- Design and implement appropriate security policies, including firewall settings, network security settings, and operating system security settings.- Actively monitor systems and networks to detect and respond to threats using security monitoring tools and instrusion detection systems.- Resolve security incidents promptly and take appropriate remedial steps.- Conduct penetration testing and security audits to identify vulnerabilities in IT infrastructure.- Develop and implement a risk assessment plan to mitigate security risks.- Manage and maintain security systems, including software updates, security patches, and proper configuration.- Manage user and role access, and enforce strict security policies.- Conduct security training for staff and users to increase awareness about information security.- Investigate security incidents and perform forensic analysis to identify causes and effects.- Responding to and recovering from security attacks, including data recovery, system recovery, and fixing of exploited vulnerabilities.- Monitor the latest security trends and technology developments to ensure effective protection against new threats.- Conduct regular safety evaluations and periodic safety tests to ensure ongoing protection.- Make continuous improvements to the security infrastructure and implement necessary updates to security policies and practices.- Documenting and defining company data security policies.
