Establish and lead the overall Safety & Security framework, operating structure, governance model and strategic roadmap for TEG Assets-managed assets and developments.
Develop, implement and continuously improve safety and security policies, SOPs, standards, procedures and escalation protocols.
Ensure compliance with applicable safety, security, regulatory requirements, Auxiliary Police requirements, internal governance standards and audit requirements.
...
Provide technical support to end-users on security incidents and configurations under the guidance of senior security engineers.
Assist senior security engineers with tasks like implementing and maintaining security controls.
Learn to analyze security logs and identify potential threats, with the opportunity to utilize scripting to automate tasks as you develop your skills.
...
Conduct penetration tests and vulnerability assessments on components including, but not limited to, web & mobile applications, servers, networks, databases and technological devices.
Participate and take lead in client projects in delivering cyber security professional services including consultancy and advisory.
Perform cyber security evaluations and cyber security audits in accordance to international standards.
...
Lead/assist and participate in Information Security audit and Risk Management by using various Information Security framework (PCI DSS v4.0, ISO/IEC 27001:2022, NIST, Cobit and etc), including audit scoping, evaluation, testing, reporting and issue follow-up.
Conduct audit and risk on various processes, technologies, and platforms, such as UNIX, Windows, DBMS (SQL, Oracle, DB2), AD, AS/400, Network and etc.
Identify technology risks and recommend appropriate controls based on risk level, business requirements, and feasibility of implementation.
...
Conduct penetration tests and vulnerability assessments on components including, but not limited to, web & mobile applications, servers, networks, databases and technological devices.
Participate and take lead in client projects in delivering cyber security professional services including consultancy and advisory.
Perform cyber security evaluations and cyber security audits in accordance to international standards.
...