Report to: Assistant IT Manager / Head of IT - Department: Information Technology.
- Responsibilities for all IT Cyber Security area within the company, keep maintenance company’s data and system in safe condition.
- Performance for IT infrastructure / Security projects as assigned by the IT Management.
- Be well trained on IT Cyber Security parts to company users and Partner as well.
- Report online activities results to IT Management.
- Monitoring for abnormalities activities in the systems both network and server via log reviewing, analyze, conclude and resolve.
- Monitoring for Endpoint protection activities such as Antimalware, Full Disk Encryption, ransomware etc. for the compliances follow to resolve the non-comply issue.
- Perform vulnerability scanning, testing, risk analyses, assessments and treatment plan; coordinate with related parties for consulting on remediation.
- Perform penetration testing on company’s applications, network devices, servers and other systems in production and development environments.
- Threat Intelligence and Information Intelligence to foresee the potential impact may happen to systems and company reputation.
- Maintain and improve the data protection, network security and endpoint security strategies, ensure the security controls are effective and efficient.
- Develop & maintain the security baseline for Pizza Hut systems and endpoints based on well-known standards.
- Conduct security awareness campaigns such as phishing, security workshop, seminar to raise employee awareness.
- Incident handling follows the company incident management process, investigating the incident, collecting logs and coming up with incident reports to Security Prime.
- Coordinate with related parties to resolve the identified security issues Qualifications
- Conduct annual IT audit with both Group audit and Third Party audit.
- Maintenance IT Security policies is up to date.
- Work with Group IT for any IT Security project.
- Training Cyber security for users if any.
Education / Training Qualifications:
- Bachelor’s degree in Computer Science related field or equivalent work experience
- Security certificate: CEH, OSCP or other equivalent or higher certificates is an advantage
- IT certificate: MCSE, LPI, CCNA, CCNP is also a plus
- Minimum of (3) years of experience in the IT Security area in a medium / enterprise level.
- Having experience on Information and Cyber Security Management is a must.
- Have a good knowledge of Security Offensive to put defense strategy in the most efficient way.
- Familiar with cybersecurity technologies and tools such as: Next-gen firewall, Nessus, N-
IDS/H-IDS, Cloud infrastructure, SIEM, Kali Linux tools set, IoT, etc. is a plus
- Familiar with cyber security threat hunting such as: OSINT, Shodan, Censys, Spiderfoot.
- Having experience on manage a large WAN network.
- Experience for the annual security auditing.
- Having knowledge and experience working in a company follow ISO 27001 standards.
Knowledge / Skills / Personalities:
- Having knowledge of SOC2, GDPR, CSA (Cloud), HIPAA, PCI-DSS is an advantage
- Demonstrate ability to work independently and as part of a team to achieve team goals
- Ability to conduct and direct research into IT/Security issues and solutions as required
- Demonstrate strong organizational skills, including time management and ability to prioritize and manage a range of tasks pro-actively
- Demonstrate good logical thinking and problem-solving skills
- Ability to effectively prioritize, take ownership and execute tasks in a high-pressure environment.
- Highly motivated, self-directed
- Hands-on, possess a high energy level and good team player.
- Being self motivated and flexible.
- Good at English in communication skills including oral and written