Cyber Security Analyst - Golden Technology : Job Details

Our client is looking for a Cybersecurity Analyst to join their team! The Cybersecurity Analyst is responsible for ensuring the security and integrity information systems and data within the organization. This role will analyse and evaluate network security, identify potential threats, and develop and implement security measures to protect against cyberattacks. In addition, this role will also provide recommendations for improving security policies and procedures and ensure compliance with industry and regulatory standards.

Responsibilities:

• Provide technical guidance and support to clients during the implementation and deployment of Azure B2C solutions. Monitor Azure B2C services and proactively identify and address any performance or security issues.
• Manage Single Sign On (SSO) applications. Create application integrations, roles, groups and security policies.
• Conducting regular security audits and risk assessments on physical and cloud environment to identify vulnerabilities and threats to an organization's systems and networks. Responsible for remediation plans, communication and execution.
• Develop and maintain ongoing Phishing campaigns, security awareness training, employee education, and company email campaigns.
• Implement the MDR provider's security recommendations in the organization's infrastructure. This includes configuring security tools, patching vulnerabilities, and addressing any security gaps identified by the MDR provider.
• Maintain up to date SSL certificates for cloud infrastructure.
• Manage vendor NDA's, security questionnaires, contracts, etc.
• Define and implement the organization's IAM policies, standards, and procedures.
• Work with other team members to develop and implement security policies and procedures to protect the organization's data and systems through web filtering.
• Maintain and improve the Security Information and Event Management (SIEM) system, ensuring that all alerts are properly investigated and addressed in a timely manner.
• Meet with auditors and regulatory compliance committees for completion and compliance.
• Review/audit BMIC security checklist comprising of daily/weekly/monthly/quarterly/semi-annual/annual tasks.
• Review change log and security incident report with on monthly basis.
• Lead and coordinate incident response activities including investigating security incidents, identifying the root cause, and developing remediation plans.
• Stay current with the latest security threats and trends and make recommendations to the organization on how to mitigate risks and strengthen the security posture.
• Assist peer teams in securing applications, business software and services, and infrastructure.
• Respond to Security Incidents of varying severities and complexity.
• Develop and implement security strategies for cloud-based applications, services, and infrastructure.
• Participate in the design, implementation, and maintenance of security policies, standards, and procedures to ensure compliance with regulatory requirements.

Top skills you need to have:

• Associate degree in an IT-related discipline and minimum of 3-5 years' experience (or equivalent combination of education and experience) in information security and information technology roles demonstrating a progressive growth in responsibility.
• Demonstrated experience with implementing information security frameworks such as NIST, CIS, PCI, HIPPA
• Experience in Cloud Security Architecture, with a focus on public cloud environments (AWS, Azure, or Google Cloud)
• Knowledge of IT technologies including Access Control, Firewalls, SSO, Microsoft Technologies (M365, Active Directory, DNS), Anti-virus software and malware scanning tools
• Experience with security assessment and testing tools, such as vulnerability scanners, penetration testing tools, SIEM systems, Log Management, DLP, IPS/IDS, VPN, MFA
• Strong analytic and problem-solving skills
• Excellent written, verbal communication and presentation skills.
• Proven experience with current IT security technologies
• Professional information security certifications such as CompTIA Security+, CCNA Security, GIAC, AZ-500, MS-500, CCNP Security, CEH, CISSP, CCSP are preferred