Great opportunity to join a fast transforming and innovative organization as Information Technology (IT) Security Analyst to manage and mitigate information and security risks.

Mandatory Skill(s)

  • Degree in Computer Science, Computer Engineering or Information System;
  • At least 3 years of working experience in Information Technology (IT) Risk, Security and IT Systems Support environment;
  • At least 2 years of manual hands-on penetration testing;
  • Good programming experience in Python, Ruby, Bash, C or C++;
  • Good knowledge of Data, System and Network Infrastructure security;
  • Experience in performing IT Security Assessment , IT Audit and reviewing IT controls, framework, policies and standards;
  • Experience in Security Monitoring, Patch Management, Hardening Review, Vulnerability Management;
  • Experience in Application Security Tools (fuzzers, proxies, code analysis tools);
  • Excellent communication, presentation, and advisory skills;
  • Ability to work independently, manage stress and multi-task in a fast-paced environment;
  • Proactive, motivated and independent.

Desirable Skill(s)

  • Certification in OSCP, CREST and GIAC;
  • Experience in performing Data Collection and Digital Forensic investigation.


  • Ensure IT System compliance according to Corporate Technology Risk Management policies and standards;
  • Actively prevent destruction and improper disclosure of information through appropriate controls procedures;
  • Mitigate risk, threats and criminal consequences to protect organization’s people, asset and information;
  • Conduct basic forensic examination of hard drives, mobile devices and digital media containing sensitive data;
  • Responsible to address and response to IT Security Related Incidents and Events;
  • Perform Vulnerability Assessment, Penetration Testing, Platform Security and IT Security Monitoring;
  • Risk assessment and its impact on technical and business;
  • Perform external connections review and social engineering tests;
  • Conduct periodic security access review (for privilege users);
  • Develop and implement detailed security controls, test and evaluate the residual risks;
  • Implement key risk indicators, provide regular reporting on IT risk and control;
  • Identify regulatory changes and their impacts, implement the changes as necessary to ensure ongoing compliance.
Apply to this Job