Job Title : Security & Vulnerability Analyst Location : India, Malaysia
Primary Purpose of the Position :
The Security & Vulnerability Analyst works as a member of the Information Security team to assess distributed security vulnerability issues and propose and manage the implementation and operation of processes to track and remediate those issues and reduce risk and / or meet compliance needs.
Duties, Responsibilities, and Physical and Mental Demands :
Administer and monitor PGi vulnerability testing tools, and related infrastructure, in order to detect and remedy issues and protect systems from attack, unauthorized users, and malware.
Stay abreast of industry best practices in penetration testing and ethical hacking techniques and integrate new methods and tools as appropriate.
Monitor publications of security advisories and assess criticality of vulnerabilities and vendor patches and notify applicable groups of the vulnerabilities, mitigations, and resolutions.
Operate vulnerability detection, tracking, assignment, and remediation process liaising with the administrators of the departments that own the affected systems.
Provide reporting to help Security, IT and business management understand current risk levels and manage the process appropriately.
Conduct and participate in the design development, testing, implementation and operation of security plans, products and control techniques.
Provide guidance and technical support for global security initiatives such as virus and malicious code protection, operating systems (Linux, Solaris, and Windows), database, and security incident response support
Other tasks as assigned.
Education and Experience Qualifications :
Formal post -secondary training in Computer Science, Engineering, or related major (or 2 additional years of relevant experience in lieu of degree)
2 years information technology experience, including 1 years focused on Information Security
Experience providing IT services to internal groups with excellent internal service
1 year of vulnerability scanning experience with a major commercial of opensource tool
Security+, CEH, CISA, or similar certification
Skills and Competencies :
Technical knowledge in computer security, network security, cryptography, and / or similar fields
Proficient English verbal and written communication skills
Strong interpersonal skills, including the ability to influence, facilitate, consult and guide to desired end results through effective non-direct team leadership.
Basic project management skills essential to track milestones and validate project progress.
The ability to work effectively with internal and external clients, management, staff members, vendors, and consultants
Results oriented, high energy, self-motivated
Strong judgment and analytical ability
Knowledge of system vulnerabilities and exploits
Skilled with administration, configuration, and operational best practices for Cloud Security, VPNs, Firewalls, Routers, UNIX systems, Intrusion Detection, and Windows systems