Senior Cyber Security Analyst

  • Internship
  • SINGAPORE
  • Design / Civil engineering / Industrial engineering

Job description



Role and Accountabilities:

Maintains, supports and manages information security tooling and processes. Monitors and reports on security risks and performance. Supports the Cyber security team with the design and evolution of information security tooling and processes.

The role will be accountable for:

Nature of Work:

·  Resolving Cyber security issues and queries, escalating issues as appropriate.
·  Continuously looking for improvements in both security tooling and processes to ensure the services operated are market leading and live our values
·  Identifying, testing and implementing security process and tooling improvements
·  Developing and leading assurance activities across an agreed range of technologies/controls.
·  Supporting the Security Specialist/Security Manager/Functional Lead in the identification and ongoing monitoring of specific security risks and KPIs
·  Producing management information to ensure Aviva receives value from key security investments/services.
·  Supporting audits and control testing as required

Risks & Controls:

·  Ensure that issues and actions associated with controls / risks are remediated in a timely manner.
·  Ensure that controls are sufficiently well designed and operating effectively to keep the risks that they mitigate within Aviva's tolerance level

Resource and Expertise:

·  Responsible for working within policy and guidelines, applying technical knowledge and expertise and prioritizing own use of time
·  Maintain role-specific skills and knowledge, utilizing both formal and informal training methods.
·  Keep abreast of information security frameworks and methodologies (e.g. NIST, ISO) and other information security related best practice appropriate to your role.

Problem Solving:

·  Accountable for solving problems and dealing with difficulties in line with policy, process and other guidelines. 

Change:

·  Accountable for making suggestions for improvements and taking personal initiative in adapting to change.

Internal Collaboration:

·  Build effective working relationships across relevant teams in CISO and other technology functions
·  Share recent insights and lessons learnt with the wider community through active participation in community discussions.

External Interaction:

·  If required, build effective working relationships across relevant teams in external suppliers
·  Seek opportunities and attend external and internal seminars / training sessions that would enhance professional development and deliver business value

Capabilities:

Technical Skills:

·  Networks and infrastructure
·  Application and operating system
·  Security and hardening
·  Privileged Access Management tools and processes support (CyberArk)
·  Firewalls - network and web application levels (governance and tools like AlgoSec)
·  Vulnerability assessments and penetration testing
·  Patch management
·  SOC/SIEM
·  DLP, IDS/IPS
·  Log review
·  Security incident management
·  Supporting Cyber transformation delivery / change to operations

Management Skills:

·  Strong relationship management skills
·  Excellent stakeholder management, particularly managing expectations
·  Sound influencing and negotiating skills
·  Good attention to detail
·  Planning and priority setting
·  Excellent written and verbal communication skills
·  Risk Awareness
·  Strategic thinking and planning.
·  Self-starter
·  Quick learner
·  Able to work under tight deadlines

Qualifications:

·  IT/Computer Science graduate & CISSP/CISA/CSP/CISM (preferred / willing to get certified in 1 year).
·  7+ years of relevant experience
·  Demonstrate good, fundamental understanding of security concepts and ability to apply these effectively
·  Ability to work and liaise with multiple teams, vendors and projects to support market technology security operational services.

Knowledge / Experience:

·  Strong technical skills in one or more of the following: network, application and operating system security and hardening, vulnerability assessments and penetration testing, TCP/IP suite, firewalls, SIEM, DLP, intrusion detection systems, log review, incident management
·  Ability to weigh business risks and enforce appropriate information security measures
·  Knowledgeable in ISO 27001/2 information security standards and MAS regulatory requirements.
