Join is seeking a Senior Cybersecurity Analyst for a hybrid quality - focused squad. Responsible for incident response and digital forensics in cybersecurity.
About the role
- Information Security Analyst SME protecting information assets by designing and maintaining security policies. Ensuring compliance with security standards in a tech services company focused on digital transformation.
Responsibilities
- The Information Security Analyst (SME) is responsible for protecting the organization’s information assets by designing, implementing, and maintaining security controls, policies, and best practices. As a Subject Matter Expert, this role provides hands-on technical expertise, risk assessment, and advisory support across the business, ensuring compliance with security standards while enabling secure business operations.
- Compliance Monitoring: Support the implementation and monitoring of security policies to ensure compliance with applicable laws, regulations, and industry standards (e.g. ISO 27001, NIST)
- Participate in internal, external or regulatory audits as required.
- Other work or projects as assigned.
Requirements
- Aligns with our values: Excellence, Integrity, Professionalism, People Success, Customer Success, Fun, Innovation and Diversity
- Strong communication skills
- Strong problem solving and analytical skills
- Excellent problem-solving ability
- Minimum Requirements:
- Bachelor’s degree in Information Security, Computer Science, IT, or a related field (or equivalent experience)
- at least 5 years of experience in information security, cybersecurity, or IT risk roles
- Strong understanding of:
- Information security principles and frameworks
- Risk assessment and vulnerability management
- Identity and access management (IAM)
- Data protection and privacy concepts
- Experience working in a hands-on, SME or fast-growing organization
- Experience communicating policies and compliance requirements with both technical and non-technical audiences at various levels in the organization.
- Good experience in establishing and performing policy, standard and procedure assessment in a cloud-based environment, technologies, and services.
- Good experience defining, revising, and implementing corporate information security policies, standards, processes, guideline, and related regulatory expectations.
- Familiarity with various industry frameworks and requirements including NIST framework, ISO 27001, PCI DSS, SOC 2, etc.
- Passionate in ensuring the confidentiality, integrity, and availability of our critical assets and contributing to our organization's information security initiatives by applying your knowledge and attention to details.
- Able to work and communicate well with different stakeholders.
- Remains composed when decisions have to be made quickly.
- Preferred:
- Relevant certifications (any of the following):
- CISSP, CISM, CISA
- ISO 27001 Lead Implementer / Auditor
- Security+, CEH, or equivalent
- Experience with cloud security (AWS, Azure, or GCP)
- Familiarity with security tools (SIEM, endpoint security, vulnerability scanners)
- Good understanding of regulatory requirements in different markets the organization operates (e.g., MAS, HKMA, FSC, BNM, BSP, BOT).
- Good understanding of security risk and compliance assessment, process, and procedures
- Good to have Cybersecurity Fundamental certifications such as CompTIA Security+, ISC, etc.
- Able to develop and implement new and improved ways of doing work; encourage staff and guide organization and foster a positive security behavior and posture.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Information Security Analyst developing documentation, managing security incidents, and maintaining information security practices. Engaging with internal teams and external suppliers while working in a hybrid environment.
Cybersecurity Analyst monitoring and responding to security threats in hybrid work environment. Collaborating across teams to enhance security and ensure compliance with standards.
Security Analyst at Aviso joining a cybersecurity team to mitigate threats across IT and Cloud. Responsible for investigations, implementing controls, and enhancing security posture.
Cyber Threat Intelligence Analyst monitoring threats and providing intelligence for FIS security teams. Engaging in research, proactive blocking, and assessing vulnerabilities.
IT Security Analyst responsible for monitoring and responding to security incidents. Collaborating with teams and ensuring effective incident response to maintain business continuity.
SOC Analyst Principal impacting national security in cyber at GDIT. Bring your cyber expertise and drive for innovation to a veteran - friendly workplace.
Information Security Analyst engaging in cyber security and governance risk compliance for Grupo BAUMINAS. Collaborating on security operations, incident response, and risk management processes.
Pleno Security Analyst protecting information assets by monitoring, incident management, and vulnerability oversight. Collaborating on compliance with internal policies and regulatory requirements.
Network and Security Analyst in Logicalis, aiding companies in digital transformation. Responsible for network monitoring and incident resolution, ensuring connectivity and security.