Search by job, company or skills

Averis

Lead, IT Security

Averis
Early Applicant
  • 5 months ago
  • Be among the first 50 applicants
Exp: 5-7 Years
Malaysia, Kuala Lumpur
Login to check your skill match score

Job Description

Hello, we are Averis!

We are a Global Business Services (GBS) that look into consolidating services and standardization of transactional practices, helping MNC / large enterprises achieve better economies of scale by mean of improving productivity and reducing costs.

Our journey started in 2006, and today, more than 700 Averians are servicing over 300 companies across 32 locations globally with Kuala Lumpur being the Headquarter. Our specialization includes Finance & Accounting, Human Resources, Information Technology, Shipping Documentation, Change Management, Data Security, and Business Information.

AREAS OF RESPONSIBILITY:

  • To ensure Information Security compliance and standardized control across.
  • Responsible to explore viable solutions and options with respective IT Security vendors (principals) and relevant service providers to meet the compliance standard and requirements.
  • Develop, enhance, rollout and enforce the compliance of server and network security standards and procedures. This includes implementation.
  • Monitor and enforce the compliance of Windows and network patch management processes, including coordinating and managing the CERT meetings
  • Monitor and enforce the compliance of antivirus update processes for all devices connected to the RGE network
  • Monitor and enforce the compliance of privilege password management processes, specifically:-

  • Compile a complete list of privilege ID and password across all servers and network devices.
  • Identify those require dual control.
  • For those require dual control, monitor and enforce (including improving) the compliance of dual control password management processes.

  • For those do not require dual control, monitor the appropriate usage of the access (e.g. an admin ID is used for performing tasks which are authorized only), including access validity
  • Monitor infrastructure (e.g. Active Directory, Exchange, Sharepoint) audit logs for abnormal activities and take appropriate actions
  • Monitor and enforce the compliance of physical access control policy for data center and server room
  • Perform ad-hoc security monitoring and investigation such as email log analysis
  • Lead and/or support the implementation of new security tools and procedures to increase the maturity level of Group IT information security.
  • Conduct ad-hoc IT Security Risk Assessment.
  • Assessing IT Security risks, compiling data and presenting initiatives and strategies to the management team.
  • Responsible for identifying and assessing IT security gaps in our customers environment
  • Provide regular risk briefing to senior management on the findings (Gaps) and develop remediation approaches.
  • Work with the peers from manufacturing / plant, IT infrastructure and other related business teams in designing secure communications both within the internal and external network.
  • Lead the creation of IT security technology (strategies, policies, framework, architectures and roadmaps) implementation based on the business strategy, cybersecurity assessments, IT and OT trends, and the overall threat landscape.
  • Accountable for establishing and providing specialist consultancy on OT space and its convergence with IT.
  • Responsible for embedding the principles of the company's information security policy throughout OT program.
  • Responsible for supporting company's OT initiatives with the development of high-level and low-level architecture designs including recommended security controls for complete IT-OT security.
  • Deploying or supporting security practices and technologies such as risk or vulnerability assessments, antivirus software, firewalls, intrusion detection systems, centralized alert logging and monitoring in ICS environments.

REQUIREMENTS:

  • Bachelor Degree and/or Professional qualifications in IT.
  • Minimum 5 years relevant experiences in Information Security and IT Security.
  • Experience in implementation and management of Information Security.
  • Knowledge in network / application / database / hardware security background in multiple server OS environments and proficiencies.
  • Knowledge in system and network such as routers, routings, firewall, proxies, servers, etc.
  • Ability to author technical and non-technical documents for varying audiences from technical automation personnel to senior security or operations personnel.
  • Relevant industry or industrial certifications are highly preferred such as SANS GICSP, CISM, CISSP, IEC62443, Cisco Security, etc.
  • Strong cloud security experience is a plus.
  • Excellent collaboration, interpersonal and communication (written and verbal) skills.
  • English a must. Bahasa Indonesia, Mandarin, and Portuguese language capability will be advantageous.
  • On-site travel based on the requirement.

More Info

Industry:Other

Function:Information Technology

Job Type:Permanent Job

Date Posted: 29/05/2024

Job ID: 80329863

Report Job

About Company

Averis
Follow

Hi , want to stand out? Get your resume crafted by experts.

Similar Jobs

Lead Digital Identity Engineering

The Est e Lauder Companies Inc Company Name Confidential

Senior Analyst IT Security

Prudential plcCompany Name Confidential
Last Updated: 25-10-2024 00:52:15 PM
Home Jobs in Malaysia Lead, IT Security
Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs