IT Security Analyst

Full Time Phnom Penh Posted 2 weeks ago


Job Responsibilities

  • 100% is to focus on threats/vulnerabilities monitoring and security control within IT infrastructure and development to mitigate security risk to acceptable level.
  • Monitor information systems access and stay informed and escalate of all activities such as suspicious activity, alerts taking place within the networks;
  • Monitor and review privileges and identify access controls;
  • Check and analyses vulnerable software, manage, and escalate and inform related team to patch and update software on the systems and networks. To ensure all software and services used on system networks have adequately security measure in place;
  • Compile and produce ongoing reports about the status and safety of network, systems and application that have been under monitoring for security manager, CTO and management to evaluate the efficacy of the security policies in place;
  • Involve in develop security plan by analyzing network, threats and providing suggestion or best practice recommendation for implementation, maintain or improve security;
  • Research new trends, analyze threats to information technology to stay update on software, potential threats, best practice for security and preventions;
  • Awareness training of the workforce on proper security postures;
  • Creating documentation and planning for all security-related information, including security incident record, incident response, vulnerability report and threat report;
  • Analyzing security incident, breaches to identify the root cause;
  • Continuously updating the company’s incident response and disaster recovery plans;
  • Participant on Conducting security assessments through vulnerability testing and risk analysis;
  • Inform, track, follow up security incident, all security findings or recommendations from auditor, security assessor to ensure they will be solved;
  • Work and verifying the security of third-party vendors and collaborating with them to meet security requirements.
  • Coordinate between internal and external firm Audit, NBC and other
  • Coordinate between internal and external vulnerability assessment or Penetration Tester firm
  • Coordinate between internal and external PCI-DSS or ISO standard firms to completed project

Job Requirements

  • Graduated bachelor degree of Information Technology, preferably in the field of Computer Science;
  • Completed or certified any security course like CSA, CND, CEH, and other security related course is advantaged
  • Knowledge or experience implementing monitoring tools, SIEM tools;
  • Knowledge of security product, Firewall, antivirus and any other similar security solutions;
  • Basic knowledge or experience in working with OS: Windows Server, Linux (red hat/CentOS), and VMware;
  • Basic knowledge or experience in networking and understanding of OSI/TCP-IP model;
  • Basic knowledge or experience with applications/service like web server, DNS, mail server, database, etc;
  • Basic knowledge of programming languages or scripting;
  • Basic knowledge or experience in vulnerability scanning;
  • Basic knowledge or experience in information security assessment;
  • Knowledge of SIEM solutions or other security log monitoring;
  • Knowledge or experience in creating security incident report, manage and maintain threat, vulnerability report;
  • The related industry, the understanding of company values & culture
  • Good communication skills, both verbal and written English Excellence organization and time management skills
  • Having high level of confidentiality, integrity and business ethic
  • Ability to work under pressure and tight deadlines
  • Be detail oriented
  • Be able to carry out multiple assignments
  • Have effective coaching and mentoring guideline
  • Security technology that business is running