To strengthen BPMB's cybersecurity resilience by proactively monitoring and managing SOC alerts, optimizing SIEM capabilities by ensuring logs are fed, mitigating threats and vulnerabilities, ensuring comprehensive asset protection, and delivering expert advisory and operational support to safeguard the organization against evolving cyber risks.
Job Responsibilities
- To manage SOC alerts effectively, ensuring vulnerabilities are tracked efficiently, with no KRI or lapse.
- To ensure internal / external system logs, especially those of 3rd party systems, are ingested and monitored.
- To manage and mitigate audit findings proactively.
- To ensure compliance requirements are met accordingly.
- To mitigate overall IT Security risks.
- Any other scope of work to be determined from time to time by BPMB.
- Build and maintain effective relationships with users to ensure their operational needs are met and supported.
- Promote collaboration with other departments in BPMB Group to achieve overall operational support objectives.
- To attend and resolve reported IT service requests, problems, or incidents.
- Ensure IT security support provided to internal staff is within the stipulated service level agreement (SLA) and in accordance with IT procedures and guidelines.
- Liaise with internal stakeholders and external vendors on matters related to IT security as and when required.
- Day-to-day administration & management of:
  - SOC tracking, alerts checking and review.
  - Log ingestion of 3rd party apps on a daily basis, troubleshooting any incomplete log feed yourself or with the vendor.
  - On a quarterly basis, ensuring endpoints have the EDR solution installed so that they are well protected.
  - Tracking of security systems needing update and upgrade.
- To ensure access to systems is only given to authorized users to preserve the confidentiality, availability, and integrity of information.
- To perform proactive monitoring on IT systems for any potential security threats or breaches.
- To ensure security assessments, vulnerability assessments & penetration tests are carried out accordingly, with necessary actions taken based on the outcome of the exercise.
- To provide regular status updates on IT security related matters to the superior as required.
- To provide first-level support for IT security faults or operational issues identified or reported, and to escalate to the proper channel for further troubleshooting & rectification in a timely manner.
- To record & document related IT security problems and resolutions for future reference.
- To establish, maintain, review & update related IT security configurations and parameters for reference, improvements, and benchmarking purposes.
- Be involved in IT projects, including among others preparation of system requirements / RFP, proof-of-concept, proposal evaluation, system testing, server hardening process, and security configurations on security devices.
- Be involved in Disaster Recovery Plan (DRP) test activities at the Disaster Recovery Centre (DRC).
- Prepare and review IT security related documents (procedures, manuals, guides, etc.).
- Assist in the renewal of contracts related to IT Security projects and tools.
- Holistic understanding and application of BPMB Policy, Procedure, Guideline, Audit, Compliance, IT Security standards and other applicable regulations.
- Attend training identified and assigned by the line manager.
- Disseminate knowledge and training materials gained from training to other team members via on-the-job training or formal training, whichever is applicable.
- Keep abreast of regulatory developments within or outside of BPMB as well as evolving best practices in the IT security industry.
Job Requirement
- Minimum Bachelor's Degree in Computer Science, Information Technology or other related field.
- Any related IT Security professional certifications are an added advantage.
- Minimum of 1 year working experience in IT Security and Governance.
- Minimum of 1 year working experience in IT Operation Support and Incident Management.
- Understanding of Software Development Life Cycle (SDLC), Project Life Cycle (PLC) and other industry standards is an added advantage.
- Strong and deep knowledge in management of SOC and SIEM (Splunk).
- Basic knowledge in Security Operations with focus on Firewall management and Endpoint Protection.
- Strong knowledge and skills in updating and upgrading of security systems, especially SIEM (Splunk).
- Knowledge & experience in IT Security fields such as application, endpoints, network, policy, operation and technical support.
- Good verbal and written communication in English and Bahasa Malaysia.
- Able to interact and communicate effectively with all levels of stakeholders.
- Integrity and honesty.
- Self-driven and motivated, striving to overcome challenges.