Analyse and correlate information security events to identify appropriate event handling actions.
Assess operational and implementation costs, and evaluate them against the potential business impact if the policies and controls are not implemented.
Assess the effectiveness of the measures against security risk management plan.
Develop IT security policy and operational procedures based on information collected.
Develop a documented action plan containing policies, practices and procedures that mitigate the identified risks.
Document information related to IT security attacks, threats, risks and controls.
Establish a standard methodology for performing security tests in accordance with security requirements.
Establish review procedures based on organisation's security risk management plan.
Evaluate effectiveness of current incident response plan against industry good practices.
Evaluate response plans periodically to ensure relevance.
Identify threats and risks that are relevant to organisation's operations and systems.
Monitor the effectiveness of action plans in addressing information risks.
Obtain corporate management's endorsement of security policies, standards and procedures by articulating cost and benefits.
Perform comparative analysis of security service performance level parameters against security information sources.
Prepare information security performance report based on results from analysis and correlation of information security events.
Rate and categorise potential security incidents.
Recommend suitable enhancements to improve information security performance.
Review business and security environment to identify existing requirements.
Review security policies, standards and procedures by considering the threats identified and other information collected.
Test incident response plans periodically to ensure response times and executed procedures are acceptable
Qualifications:
Degree or equivalent qualification in Electronics, Computer Engineering, Electrical engineering, networking, or equivalent practical experience,
Other requirements
Travel will be required on need basis,
You will be working during client business hours based on the project you will be allocated into,
Office reporting is flexible and encourage hybrid working for this role. However, reasonable reporting into office for project meetings and client meeting attendance is mandatory,
All working days reporting may be subjected to project or organization deman