Petron Malaysia logo

Petron Malaysia

Bukit Damansara, Kuala LumpurBukit DamansaraMalaysia

IT Security Analyst

full-timeOn-site

Responsibilities:

  • Establish, implement, and maintain the company’s Information Security Framework in line with global standards (ISO/IEC 27001:2005 / ISO 17799:2005).
  • Design, implement, and maintain security measures, controls, and protocols, while identifying gaps and preparing action plans for improvement.
  • Conduct regular security audits, vulnerability scans, and risk assessments, providing reports and recommendations to management.
  • Monitor and assess network, systems, applications, and new technologies to identify vulnerabilities, ensuring proper security reviews before installation or upgrades.
  • Support the Security Operations Center (SOC) by monitoring tools, logs, and alerts in real time; analyzing events to distinguish real threats from false positives; and proactively conducting threat hunting and vulnerability assessments.
  • Manage and respond to IT security incidents, execute incident response procedures, assist in forensic investigations, and remediate vulnerabilities highlighted in SOC reports.
  • Maintain and optimize security monitoring systems for performance, accuracy, and continuous improvement to reduce organizational cyber risk.
  • Lead and support IT security-related projects, ensuring effective communication with stakeholders on ISMS framework, risk assessments, and security initiatives.
  • Stay up to date with the latest security technologies, tools, and industry trends

Qualifications:

  • Bachelor’s Degree in Computing/Information Technology/Computer Security.
  • Knowledge in Information Security Management System (ISMS) framework, Compliance and Risk Assessment.
  • Minimum 5 years’ experience in similar role.
  • Strong knowledge of vulnerability management, patch management, firewalls, intrusion detection/prevention system and penetration testing.
  • An analytical mind with excellent problem-solving ability.
  • Ability to carry out investigations on Security incidences as well as document findings; hence it is essential that they can define problems, collect data, establish facts, and draw valid conclusions.
  • Strong written and verbal communication skills.
  • Knowledge of hardware and networking systems.
  • Good time management.