IT Security Analyst at Petron Malaysia | Cyber Hire Jobs | Cyber Hire Jobs
Petron Malaysia
Bukit Damansara, Kuala Lumpur • Bukit Damansara • Malaysia
IT Security Analyst
full-time • On-site • Bukit Damansara, Kuala Lumpur
Responsibilities:
Establish, implement, and maintain the company’s Information Security Framework in line with global standards (ISO/IEC 27001:2005 / ISO 17799:2005).
Design, implement, and maintain security measures, controls, and protocols, while identifying gaps and preparing action plans for improvement.
Conduct regular security audits, vulnerability scans, and risk assessments, providing reports and recommendations to management.
Monitor and assess network, systems, applications, and new technologies to identify vulnerabilities, ensuring proper security reviews before installation or upgrades.
Support the Security Operations Center (SOC) by monitoring tools, logs, and alerts in real time; analyzing events to distinguish real threats from false positives; and proactively conducting threat hunting and vulnerability assessments.
Manage and respond to IT security incidents, execute incident response procedures, assist in forensic investigations, and remediate vulnerabilities highlighted in SOC reports.
Maintain and optimize security monitoring systems for performance, accuracy, and continuous improvement to reduce organizational cyber risk.
Lead and support IT security-related projects, ensuring effective communication with stakeholders on ISMS framework, risk assessments, and security initiatives.
Stay up to date with the latest security technologies, tools, and industry trends
Qualifications:
Bachelor’s Degree in Computing/Information Technology/Computer Security.
Knowledge in Information Security Management System (ISMS) framework, Compliance and Risk Assessment.
Minimum 5 years’ experience in similar role.
Strong knowledge of vulnerability management, patch management, firewalls, intrusion detection/prevention system and penetration testing.
An analytical mind with excellent problem-solving ability.
Ability to carry out investigations on Security incidences as well as document findings; hence it is essential that they can define problems, collect data, establish facts, and draw valid conclusions.
