Responsibilities:

• Conduct vulnerability assessments, and risk analysis across systems, networks, and applications.
• Identifying and assessing potential security threats to company data and systems and implementing measures for mitigation.
• Design and implement security policies, standards, and procedures tailored to client environments.
• Ensure alignment with regulatory frameworks (e.g., ISO 27001, NIST, GDPR, PDPA) and assist clients in achieving compliance.
• Advise on incident handling, forensic investigations, and recovery strategies in incident response support.
• Evaluate and recommend improvements to existing security infrastructure and architecture.
• Deliver workshops and training sessions to improve client staff’s cybersecurity awareness.
• Prepare detailed reports on findings, recommendations, and remediation plans during security incident.

Required Skills & Qualifications:

• Bachelor’s degree in computer science, Information Security, or related field.
• Minimum of 3 years in IT infrastructure security or security operations.
• Proficiency with tools like SIEM, EDR, IDS/IPS, vulnerability scanners, and endpoint detection platforms.
• Project management and stakeholder engagement skills.
• Strong knowledge of security frameworks and technologies.
• Certifications such as CISSP, CISA, OSCP, CEH, or ISO 27001 Lead Implementer are preferred.
• Excellent communication and presentation abilities for both technical and non-technical audiences.