Security Analyst – ERP21 Recruitment & Consultancy

Security Analyst

Full Time
  • Post Date: October 4, 2021
  • 18226
Job Description

Position Overview

The Security Analyst is a functional member of the IT Infrastructure team and will work closely with the other members of the team to maintain and enhance the information security program.  

 

Key Accountabilities/Duties

  • Monitor and advise on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended.
  • Manage Web Application Firewall (DOSArrest) that is protecting all customer’s websites
  • Maintain high availability and integrity of customer’s websites by managing monitoring tools (Weborion).
  • Coordinate response to information security incidents.
  • Develop and publish information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
  • Assist with data classification assessment and security audits and remediation plans.
  • Collaborate with IT management to manage security vulnerabilities.
  • Perform network penetration tests, vulnerability assessment scans and risk assessment reviews.
  • Develop, coordinate and review server hardening for platforms used within the environment.
  • Review of logs pertaining to security of various platforms, namely server events and logs, network logs. 
  • Create, conduct and maintain user security awareness.
  • Conduct security research in keeping abreast of latest security policies.
  • Provide recommendation and remediation plan to address vulnerability findings
  • Serve as an advisor to IT management on all Information Security issues
  • Coordinate with other engineers on software or product patching or updates.
  • Generate and renew Entrust SSL via ECMS portal
  • Generate security reports on monthly basis
  • Review privilege accounts used in customer’s environment
  • Perform other security related duties as assigned.

 

Requirements: 

    • Degree in Computer Science/Information Technology or equivalent
    • At least 3 years’ experience in IT
    • Basic technical knowledge in IT network infrastructure, server platforms (Unix, Windows platform) and desktops (OS X and Windows XP and above)
    • Experience in using security tools (Security Endpoint solutions, HP ArcSight, QRadar, Rapid7 Nexpose, Tenable Nessus))
  • Certified with one or more of the following: QISP, CISSP or CISA (Preferably CISSP)
  • Be alert and able to react on security incidents in timely manner