Total 779 Information Analyst job vacancies in Legal / Public / Security category in The United States of America

— Job Scope —

• Collecting and verifying customer information, including personal details and identification documents.
• Ensure compliance with legal and regulatory requirements for customer identification.
• Conduct due diligence on high-risk customers or those involved in complex transactions.
• Investigate the source of funds and the purpose of the business relationship.
• Knowledge about Lexis Nexis.
• Data entry.
• Basic skill of Microsoft Office.

— Requirement —

• Patience
• Able to work Overtime. (Include Sat and Sun)
• Fresh grad

Perks & Benefits

• Nearby public transport
• Central location
• Regular team activities
• Medical insurance
• Personal development opportunities
• EPF/SOCSO/EIS
• Leaves 

- 工作範圍 -

• 收集和驗證客戶信息，包括個人詳細資料和身份證明文件。
• 確保遵守客戶身分識別的法律和監管要求。
• 對高風險客戶或涉及複雜交易的客戶進行盡職調查。
• 調查資金來源和業務關係的目的。
• 有關 Lexis Nexis 的知識。
• 數據輸入。
• 微軟Office的基本技能。

- 要求 -

• 耐心
• 能夠加班。 （包括週六和週日）
• 應屆畢業生

津貼和福利

• 附近的公共交通
• 中心位置
• 定期團隊活動
• 醫療保險
• 個人發展機會
• 公積金/社會保險/EIS
• 樹葉

We’re a global engineering, management and development consultancy. Everywhere around the world, people’s needs and aspirations are changing, fast. That brings increasing challenge for our clients, as you seek to satisfy your stakeholders, tackle societal issues and deliver your business strategy.
Our network of experts looks at problems from fresh angles and finds opportunities in complexity. They bring together diverse skills, experience and insight, to turn obstacles into sustainable solutions. Our aim: to add value at every stage, for you and the lives you touch every day.
Mott MacDonald

We’re a global engineering, management, and development consultancy. Our purpose is to improve society by considering social outcomes in everything we do, relentlessly focusing on excellence and digital innovation, transforming our clients’ businesses, our communities and employee opportunities.

A fundamental part of this is respecting each person’s differences and striving to meet their needs.

We are proud to be a one of Glassdoor’s top employers to work for in the UK, as well as being recognised as a Top Inclusive Company in the UK.

Our values: Progress, Respect, Integrity, Drive, Excellence.

About the business unit 

Mott MacDonald’s support services are the driving force behind our organisation enabling us to run efficiently and effectively. The team works collaboratively to offer specialist advice, best practice and technology to all areas of our business specifically designed for our global reach. 
Overview of role

This role will be based in one of our IT Hubs in either Dubai, India or the UK.
Working closely with the rest of the Project Managers Office we are looking for a professional with expertise in both Information Technology, Cyber and Information Security and Business Administration for the role of IT Business Analyst.

You will work alongside a global team, project and program managers, project directors and business stakeholders and security professionals to perform detailed requirements gathering and analysis, developing Statements of Work, business cases and assist in defining project scope and success criteria, supporting Mott MacDonald’s Information Security strategy.

The IT Business Analysts have exceptional analytical and interpersonal skills, as they act as a communication link between the IT department and other divisions. To succeed in this role, you should possess an analytical way of thinking and the ability to explain difficult concepts to non-technical users, be a self-starter and have a positive can-do attitude and they play a pivotal role in ensuring that our Projects deliver to a high level while adhering to Mott MacDonald's policies and procedures.

Key duties and responsibilities include


- Analyse business requirements with users. Determine feasibility, cost/time and resources required, compatibility with existing system(s), potential problem areas, recommending and presenting solutions, and meeting project objectives.
- Collaborate with stakeholders and users to assess the impact of proposed security policies, requirements and guidelines
- Analyse existing business processes and security controls to ensure they are fit for purpose in line with new or proposed security policy
- Leading and facilitating stakeholder collaboration and workshops, driving agreement for Information Security policy, process, requirements, guidelines, and publishing to Mott MacDonald’s process estate
- Work with project teams to develop project scope, budget, timeline, resources, risks, and project value.
- Ability to carry out process identification, definition and mapping. Participate in planning and designing business processes, including formulating recommendations to improve and support business activities.
- Elicit requirements using interviews, document analysis, requirement workshops, surveys, business process decomposition, epics/user stories, use cases modelling and specification, task and workflow analysis.
- Conduct detailed research in order to translate business requirements into precise, high quality user stories or functional specifications that are clear and concise and are easy to understand and implement by the development teams.
- Identify and validate key business requirements.
- Work closely with cross-functional teams and help deliver solutions that meet the businesses requirements.
- Communicate and collaborate with stakeholders to understand business strategies and future initiatives to determine future process and solution needs.
- Develop and execute business communications to internal and external stakeholders. Facilitation of User Acceptance Testing (UAT)


Candidate Specification

Essential


- Extensive demonstrable experience in Business Analysis.
- Requirements Elicitation, Analysis and Documentation
- Process identification, definition and mapping
- Workshop planning and execution
- Creation of UAT (User Acceptance Testing) Scripts


Desirable


- Agile / Scrum methodology experience would be beneficial but is not essential.
- A bachelor’s degree in IT or business management would be advantageous but is not essential.
- NIST Cybersecurity Framework, Cyber Essentials Plus, ISO 27001 (either qualification or experience)


Personal Attributes


- Problem-solving skills: an ability to identify the key points, understand everyone’s interest, list possible solutions, evaluate options, and document.


Equality, diversity, and inclusion
We put equality, diversity, and inclusion at the heart of our business, seeking to promote fair employment procedures and practices to ensure equal opportunities for all. We encourage individual expression in our workplace and are committed to creating an inclusive environment where everyone feels they can contribute.

Accessibility
We want you to perform your best at every stage in the recruitment process. If you are disabled or need any support to enable you to apply or attend an interview, please contact us at reasonable.adjustments@mottmac.com and we will talk to you about how we can support you.

Agile working
Happy to talk Flexible Working and how we can support your responsibilities beyond the workplace.

We offer some fantastic benefits including:

Health and wellbeing

- Private medical insurance for all UK colleagues.
- Health cash plan to support you with every day health costs and treatments.
- Access to Peppy, providing free support from menopause experts for all UK colleagues.
- A variety of wellbeing support is available through our comprehensive wellbeing program, including access for you and your family.
- Ability to flex your salary to opt into a wide range of health benefits, many of which can be extended to your family too.

Financial wellbeing

- We match employee pension contributions between 4.5% and 7%.
- Life assurance equal up to 4 x your basic salary, with an option to increase the level of cover to 6 x your salary.
- Our income protection scheme provides a financial benefit, as well as absence and return to work support due to long-term illness or injury.
- Flexible benefits, including increased life assurance cover, critical illness insurance, payroll saving and will writing.
- As an independently owned business we share the financial success of the business with all our colleagues in various ways including annual bonus schemes.

Lifestyle

- A minimum of 33-35 days holiday each year, inclusive of public holidays and dependent on level, with the ability to buy or sell leave through our flexible benefits programme.
- Holiday entitlement increased to a minimum of 35 days after 5 years’ service.
- Variety of employee saving schemes and discounts from high-street retailers.

Enhanced family and carers leave

- Enhanced family leave policies, including 26 weeks paid maternity and adoption leave, and two weeks paid paternity/partner leave.
- Our shared parental leave matches maternity leave meaning we pay up to 24 weeks at full pay.
- Up to five additional days leave are provided for those with significant caring responsibilities, two of which are paid.

Learning and development

- Primary annual professional institution subscription.
- A broad range of opportunities to enhance both technical and soft skills through mentoring, formal training, and self-development options.

Networks, communities, and social outcomes

- Join a wide range of groups including our Advanced Employee Networks which support our LGBTQ+, gender, race and ethnicity, disability, and parents/carers communities.
- Make a difference within our communities through our social outcomes.

Apply now, or for more information about our application process, click here.

Proud member of the Disability Confident employer scheme

Roles & Responsibilities

• Perform Security Event/Threat Monitoring as part of a 24x7x365 Security Operations Centre
• Day to day triaging ticket alerts, analyzing using threat intelligence and escalating when required
• Serve as a technical escalation resource for other SOC Analysts and provide mentoring for junior team members’ skill development
• Act as an incident responder for the Security Operations Center, leading technical investigations of security incidents and providing customers security expertise
• Conducting cyber threat research and analysis for purposes of improving visibility and development of the SIEM use case library and playbooks
• Conduct proactive “Threat Hunting” and investigations in the absence of any known indicator of compromise
• Contribute to the evaluation of new or updated security solutions with engineering
• Support and manage various Endpoint Detection and Response (EDR), Web Application Firewall (WAF), and Network Intrusion Detection (NIDS) solutions

Job Requirements

Hands-on working knowledge with a variety of security technologies and processes including but not limited to:

• 5 years of technical operations experience in Information Security, System Administration, or Network Engineering with at least 3 years of experience in a Security Operations Centre
• Advanced knowledge and expertise using SIEM technologies for event investigation
• Knowledge of Windows Active Directory, Group Policies, PowerShell
• Log analyses for Windows, Linux, Azure/O365/AWS/Google, network and end point security controls
• Knowledge of the MITRE ATT&CK framework to understand adversaries’ tactics and techniques
• Network fundamentals including OSI stack, TCP/IP, DNS, HTTP, SMTP packet capture and analysis
• Solid understanding of OSs including Windows and Linux
• Knowledge of Cloud technologies (AWS, Google Cloud, Azure)
• Knowledge of malware capabilities, attack vectors and impact
• Knowledge and experience in threat analysis
• Experience on: Vulnerability Scanning technologies, Firewalls, VPN technologies, IDS/IPS solutions, Web Application firewalls, Host based intrusion detection systems, Malware analysis and Endpoint Protection, Malware analysis and Endpoint Protection, EDR technologies and Content filtering technologies
• Should have experience in incident response and a working knowledge of IT Service Management disciplines and their application to security operations
• Ability to work in rotating shifts including weekends

Qualifications:

• Diploma / Degree in Computer Science or IT related field
• Preferred SANS GCIH or other equivalent Security certification/accreditation
• Excellent written and verbal communication in English is essential to support client and internal interactions

• Leading regional financial institution
• Focus in Information Security Compliance, Policy & Control
• Open to IT professionals with passion in InfoSec Control and Risk Management

Reporting to Head of Information Security & IT GRC, here are your responsibilities:

• Collaborate with the cybersecurity team to develop and execute the annual information security action plan.
• Establish and maintain an efficient incident reporting and tracking system, overseeing corrective and improvement measures.
• Monitor and provide guidance on the effectiveness of information security workflows and controls.
• Lead information security projects and automation initiatives in Asia.
• Manage outsourcing matters across BUs in Asia and oversee outsourcing requirements
• Conduct annual on-site reviews of BUs in Asia.
• Support compliance efforts under Singapore’s PDPA, including policy communication, query management, and liaison with regulatory authorities.
• Report to the Board and management on adherence to laws, regulations, and information security policies.
• Review and update regional information security and outsourcing policies to ensure compliance.
• Develop training materials to enhance information security awareness.
• Design, develop, and maintain automated compliance and information security workflow management systems.
• Manage regional reporting tools and consolidate results.
• Prepare reports and documents for internal committee meetings.
• Collaborate with the Compliance team on various compliance-related initiatives.

Requirements:

• Bachelor's degree in computer science or related disciplines
• Preferred certifications: CISM and/or CISSP.
• 3+ years of experience in information security or IT risk management
• Strong understanding of information security risks, controls, processes, and trends.
• Experience in project management.
• Familiarity with regional information security regulations and the insurance sector.
• Understanding of Asian cultural and business dynamics.

If you are interested in the above job or related information security opportunities, please kindly send your updated CV to Shannagh.Wu@ethosbc.com

Reg No.R23112660
BeathChapman Pte Ltd
Licence no. 16S8112

Contract Duration: 12 months
Working Hour: Normal Office Hour
Working Location: AMK
Remarks: SINGAPOREAN Only

Requirements
• 5+ years IT security experience required.
• CISSP certification is a Must, CISM, Security+, IT security tools certifications (Imperva, Carbon Black) is a plus
• Experience with Networks, Servers (Windows and UNIX), Database.
• Experience in IT security auditing, security assessments.
• Understand protocols, traffic flows, ability to analyse logs from various sources.
• Knowledge of Active Directory, Endpoint protection solutions, Early Detection and Response solution, Database Activities Monitoring tools, SIEM etc.
• Excellent written and verbal communication, presentation skills.
• Proficiency in Microsoft Excel.
• Flexible, team player, “get-it-done” personality.
• Ability to organize and plan work independently.
• Ability to work in a rapidly changing environment.
• Ability to multi-task and context-switch effectively between different activities and teams

Responsibilities
• Review and development of security framework, information security policies, processes / procedures and guidelines on an ongoing basis.
• Establish compliance with these policies / procedures through ongoing security reviews and audits, not limited to log analysis and security assessment of customer ICT systems
• Conduct security risk management exercise
• Conduct table-top exercises
• Conduct vulnerability assessment, coordinate penetration tests activities
• Conduct information security awareness training
• Responsible for the development and management of customer’s security incident response plan.
• Lead and support customer in the matters of security incident resolution and response.
• Be the point-of-contact/customer liaison to assist and advise customer for ICT security related matters
• Project managed the activities and deliverables during the implementation phase.

Interested candidates, please click "APPLY" to begin your job search journey and submit your CV directly through the official PERSOLKELLY job application platform - GO Mobile.

We regret to inform you that only shortlisted candidates will be notified.

This is in partnership with Employment and Employability Institute Pte Ltd (“e2i”). e2i is the empowering network for workers and employers seeking employment and employability solutions. e2i serves as a bridge between workers and employers, connecting with workers to offer job security through job-matching, career guidance, and skills upgrading services, and partnering with employers to address their manpower needs through recruitment, training, and job redesign solutions. e2i is a tripartite initiative of the National Trades Union Congress set up to support nationwide manpower and skills upgrading initiatives. By applying for this role, you consent to e2i’s PDPA.

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOLKELLY Singapore Pte Ltd and its affiliates to collect, use, and disclose your personal data for the purposes set out in the Privacy Policy available at https://www.persolkelly.com.sg/policies. You acknowledge that you have read, understood, and agree with the Privacy Policy.

Gelangre Reyanelle Gelario | REG No : R1870995

PERSOLKELLY SINGAPORE PTE LTD | EA License No : 01C4394

• Stable Working Environment
• Opportunities for Growth and Development

About Our Client

Our client is a leading firm, looking to hire an Information Security Engineer (GRC) to their growing team. This role reports to the Head of Security.

Job Description

As the Information Security Engineer, your responsibilities include:

• Serving as the subject matter expert for IT security matters and working on defense projects
• Conducting audits to ensure adherence to IT security standards and frameworks
• Regularly developing and updating SOPs, conducing vulnerability assessments
• Implementing hardening and patching measures

The Successful Applicant

As a Successful Candidate, you will have the following:

• Bachelor's Degree in Computer Science or a relevant field
• At least 4 years of experience in IT/InfoSec GRC
• Excellent communication skills, with the ability to effectively present, liaise with stakeholders
• CISA certified or equivalent

What's on Offer

• Opportunities to work on exciting projects

Contact

Isha Hussain (Lic No: R2197976/ EA no:18S9099)

Quote job ref

JN-042024-6398470

Phone number

+65 6416 9850

Michael Page International Pte Ltd | Registration No. 199804751N

Chief Information Security Officer for ISS Singapore

Reporting functionally to the Global CISO - Head of ISS in CACIB Paris, and hierarchically to the Head of ISAP, he/she is:

- CISO of Singapore Branch

- Head of APAC/ME ISS filière, that coordinates Information Security on the APAC/ME region.

He/She is in charge of assessing the Information System Security risks, and piloting necessary actions to remediate or reduce the risk, relying of local staff when it comes to ensuring local regulations are taken into account.

He /She plays a role in alerting and counseling and contributes, along with other actors, to ensure the global security of the IS in coordination with Head Office.

The Singapore CISO:

- Manages hierarchically the Singapore ITSO (IT security Officers), ISAP CLSi (part time), and “ISS Singapore filière” staff

- Manages functionally the ITSOs in APAC/ME countries

- Manages functionally the CISOs in APAC/ME countries when the function exists

- Manages functionally and coordinates the CLSi (Local Information Security Coordinator) in APAC/ME. Note that the global CLSi network is overseen by the CISO Deputy in ISS Paris, to ensure a global coordination and communication is done for all regional areas, and to set the common yearly roadmap.

His/Her main missions are:

- Contribute to the definition of the ISS strategy for the company and foster the implementation of this strategy on his perimeter

- Evaluate and manage risks to ensure the company is protected at an adequate level, and alert if need be

- Enforce IT security standards

- Contribute to the management of security incidents and vulnerabilities

- Monitor action plans

- Monitor employee and IT developers’ awareness program about information system security issues

- Coordinate the watch for his perimeter

- Review permanent controls level 2.1 for his domain of responsibility, and follow the reporting of these results to the Risk departments and ISS France

The ISS ASIA/ME filière:

- Participates to the ISS governance set by ISS France and CA group and organizes the governance the regional perimeter to take into account possible local regulations, and discuss their impact with ISS France

- Coordinates at a regional scale with other country CISO, ITSO and CLSi

- Builds and follow up security indicators for the region, aggregates all security cost for the ISS, and ensures a reporting is in place for executive management and ISS France

- Aggregates permanent controls level 2.1 for the region to have a consolidated view to share with ISS France

Your background

• Previous information technology/security audit/assessment experience preferred.
• Ability to leverage attention to detail and analytical skills.
• Ability to multi-task and work both independently as well as part of an assessment team
• Ability to plan, execute and document assessment and remediation activities following established processes and procedures.
• Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
• Minimally, CISSP and/or CISA certifications are required as well as five to eight years of experience in information security or business continuity.
• Technical skills include the domains of information security and business continuity including:
• Information Security Controls (Cloud Security, Infrastructure Security, Access Management, Physical Security, Application Security, etc.),
• IT Compliance, SOX Compliance
• Change Management
• Enterprise Risk Management
• Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards.
• Ability to speak Mandarin and write in Simplified and Traditional Chinese due to interactions with 3rd parties in the Greater China region.
• Must be able to travel up to 25% of the time.
• Experience in Cloud technologies, OSINT and threat modeling will be advantageous.

What you can expect

The Third Party Cyber Security Assessor will conduct information security and business continuity assessments of third parties providing services to Bank of America. The assessor will examine a third party's program to determine if they meet the Bank’s requirements, identifying control gaps that may expose the Bank to risks and subsequently work with the third party on all remediation activities.

To succeed in this role, you should be highly independent, motivated and possess strong, hands-on, technical knowledge of a wide range of information security and business continuity controls and the processes used for evaluating their design and effectiveness and possess strong written and verbal communication skills including ability to communicate clearly and concisely to various levels, up to and including executive level management, and explain the need for key controls to technical and non-technical resources.

There will be opportunities to be involved in projects to improve processes & transform the assessment program. This will enable you to leverage and grow your leadership skills as you'll be expose to various internal stakeholders and industry partners.

What you will do

• Manage and execute assessments of third parties providing services to Bank of America.
• Evaluate design and effectiveness of controls implemented by third parties providing services to Bank of America
• Drive remediation of issues identified through the assessments and any subsequent risk conversations with the third parties and other internal stakeholders.
• Interface with external third parties and internal line of business stakeholders to provide consultation on information security topics and build strong working relationships with these parties.
• Partner with regional and global GIS teammates to collaborate on opportunities and to identify, analyze, and resolve complex problems or security gaps.
• Contribute to the development and transformation of the Third Party Cyber Assurance program
• Conduct cyber risk assessment in support of technology initiatives to help identify IT related risk and determine appropriate controls to mitigate risks.
• Monitor, track, and manage risk mitigations and exceptions and ensure adequate monitoring capability is incorporated into solutions.

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Our client provides cybersecurity consultancy services across multiple government agencies, Banks, MNCs, and large corporations. You will belong to and work with a group of fun and high-performing team members. You will have the opportunity to work on new and exciting opportunities and develop your career. Your daily job will include but is not limited to:

• Performing penetration tests on computer systems, networks, wireless access points, web / mobile applications, and product appliances.
• Performing source code review (static and dynamic).
• Performing vulnerability assessment and host configuration review for Windows and Linux systems, databases, network equipment, and product appliances.
• Write a comprehensive penetration testing report and support the customer on the finding remediation through email and conference calls.
• Collaborate with the rest of the teams on the improvement and problem solving.
• Provides support to sales by providing project scoping to potential clients.

Ideal Experience:

• Independent with contributor mindset and committed with a high-performance culture.
• Relevant practical industry certifications such as eWPT, eWPTX, OSCP or OSWE.
• Minimum of 1 year experience in performing penetration testing.
• Good English communication to articulate, explain and support the client on the finding remediation.
• Responsive, humble, responsible, and open-minded.
• Ability to work under pressure and independently for certain peak periods.

Good to have:

• CTF and bug bounty experiences.
• Other skills that related to cyber security domain such as forensic, reverse engineering, etc.

We’re a global engineering, management and development consultancy. Everywhere around the world, people’s needs and aspirations are changing, fast. That brings increasing challenge for our clients, as you seek to satisfy your stakeholders, tackle societal issues and deliver your business strategy.
Our network of experts looks at problems from fresh angles and finds opportunities in complexity. They bring together diverse skills, experience and insight, to turn obstacles into sustainable solutions. Our aim: to add value at every stage, for you and the lives you touch every day.
Mott MacDonald

We’re a global engineering, management, and development consultancy. Our purpose is to improve society by considering social outcomes in everything we do, relentlessly focusing on excellence and digital innovation, transforming our clients’ businesses, our communities and employee opportunities.

A fundamental part of this is respecting each person’s differences and striving to meet their needs.

We are proud to be a one of Glassdoor’s top employers to work for in the UK, as well as being recognised as a Top Inclusive Company in the UK.

Our values: Progress, Respect, Integrity, Drive, Excellence.

About the business unit 

Mott MacDonald’s support services are the driving force behind our organisation enabling us to run efficiently and effectively. The team works collaboratively to offer specialist advice, best practice and technology to all areas of our business specifically designed for our global reach. 
Overview of role

In this role the Learning and Development Specialist will be responsible for devising approaches and implementing solution to improve digital literacy and adoption of technology and systems.

The role will ensure the required training needs of the business are understood and translated into learning solutions that use a range of media to meet those needs.

Key duties and responsibilities include


- Collaborate with the IT Managers to define and build metrics and reporting on adoption of key systems and solutions
- Contribute to Group’s Digital literacy initiative based on work packages assigned to the IT team
- Manage the Super User network activities by planning sessions to raise awareness or improve learning and adoption across the wider business including Super User training sessions and creating training material / packs for lunch and learns.
- Work with the L&D teams and plan events (lunch and learn, genius bar, webinars etc.) to support the Business with their learning and adoption needs
- Collaborate with L&D to keep the technology-based training courses refreshed and up to date on Connected Learning
- Provide timely subject matter expertise and linkage with IT SMEs and L&D resources to develop solutions in time to meet needs
- Collaborate with Group L&D to adopt new learning approaches (where appropriate) and tools to optimise the impact of the outputs of the team
- Support the IT team by tracking and reporting on training plans for SIR
- Implement a measurement and evaluation strategy to monitor effectiveness of solutions and embed a continuous improvement cycle into the solutions deployed
- Management of the Pinnacle learning platform.
- Management of the Knowledge Smart Assessment tool.
- Analytics on training statistics.
- Management of IT training resources
- Develop Learning pathways for job families / roles.
- Management / assistance in developing skills matrixes for different roles.

Candidate Specification

Essential


- Demonstrable knowledge and delivery of L&D fundamentals and adult learning theory
- Proven experience with collaboration; strong cross-functional influencing skills & teamwork
- Proactive, analytical, and strategic approach to learning; with ability to work at both high level and detailed levels as required
- Good presence to work at all levels of the organization; strong communicator verbally and in writing with the ability to work across departments, a variety of audiences and cultures
- Strong influence and interpersonal skills to handle sensitive situations and confidential information


Desirable


- Decision making skills; creative and persistent problem solver
- Proactive self-starter, self-directed and driven to excellence in all aspects of role
- Excellent written and spoken English language skills


Personal Attributes


- Passionate about technology and learning.
- Ability to balance demands and priorities and think clearly under pressure.
- Attention to detail and a focus on quality.
- Excellent conflict resolution, communication, and collaboration skills.
- Logical and analytical approach to solving problems.



Equality, diversity, and inclusion
We put equality, diversity, and inclusion at the heart of our business, seeking to promote fair employment procedures and practices to ensure equal opportunities for all. We encourage individual expression in our workplace and are committed to creating an inclusive environment where everyone feels they can contribute.

Accessibility
We want you to perform your best at every stage in the recruitment process. If you are disabled or need any support to enable you to apply or attend an interview, please contact us at reasonable.adjustments@mottmac.com and we will talk to you about how we can support you.

Agile working
Happy to talk Flexible Working and how we can support your responsibilities beyond the workplace.

We offer some fantastic benefits including:

Health and wellbeing

- Private medical insurance for all UK colleagues.
- Health cash plan to support you with every day health costs and treatments.
- Access to Peppy, providing free support from menopause experts for all UK colleagues.
- A variety of wellbeing support is available through our comprehensive wellbeing program, including access for you and your family.
- Ability to flex your salary to opt into a wide range of health benefits, many of which can be extended to your family too.

Financial wellbeing

- We match employee pension contributions between 4.5% and 7%.
- Life assurance equal up to 4 x your basic salary, with an option to increase the level of cover to 6 x your salary.
- Our income protection scheme provides a financial benefit, as well as absence and return to work support due to long-term illness or injury.
- Flexible benefits, including increased life assurance cover, critical illness insurance, payroll saving and will writing.
- As an independently owned business we share the financial success of the business with all our colleagues in various ways including annual bonus schemes.

Lifestyle

- A minimum of 33-35 days holiday each year, inclusive of public holidays and dependent on level, with the ability to buy or sell leave through our flexible benefits programme.
- Holiday entitlement increased to a minimum of 35 days after 5 years’ service.
- Variety of employee saving schemes and discounts from high-street retailers.

Enhanced family and carers leave

- Enhanced family leave policies, including 26 weeks paid maternity and adoption leave, and two weeks paid paternity/partner leave.
- Our shared parental leave matches maternity leave meaning we pay up to 24 weeks at full pay.
- Up to five additional days leave are provided for those with significant caring responsibilities, two of which are paid.

Learning and development

- Primary annual professional institution subscription.
- A broad range of opportunities to enhance both technical and soft skills through mentoring, formal training, and self-development options.

Networks, communities, and social outcomes

- Join a wide range of groups including our Advanced Employee Networks which support our LGBTQ+, gender, race and ethnicity, disability, and parents/carers communities.
- Make a difference within our communities through our social outcomes.

Apply now, or for more information about our application process, click here.

Proud member of the Disability Confident employer scheme

The main duties and responsibilities are detailed in the job description attached in the advert. The post holder will lead the Cyber Security team to deliver the Cyber and IG elements of the Digital Strategy. To ensure robust policies and processes are in place and monitored. Lead and support the wider governance agenda in digital including achieving the Data Security Protection Toolkit, managing Digital Change Control, Incident Management, Risk Management, Audit and action planning.

Role

To provide world class support to an enterprise level client base responsible for incident resolution, processing of change requests, and contributions to problem management for customer network and infrastructure cases. The candidate will be qualified to a CCNA evel or a similar proven track record of experience.

Review, approve and execute change requests to ensure successful change management. Troubleshoot systems and network incidents to provide the maximum availability and optimal Mean Time To Repair. The T4 will be responsible for ensuring a positive customer relationship.

Main Responsibilities

• Review and execute firewall change requests to ensure successful change management.
• Troubleshoot systems and network incidents to provide the maximum availability and optimal Mean Time To Repair. When issues arise, they must analyze the root cause and resolve them promptly or else escalate them to next level.
• Responsible to review client’s firewall and network design, requirements and collaborate with other specialists and engineers of a higher level to assess risk posture of the design.
• Monitor, triage and response to firewall health alerts and incident tickets.
• Provide day-to-day technical support on troubleshooting errors or issues with firewalls and network devices
• Fulfil service requests such as MACDs or service requests such as policy admin(whitelist, blacklist, etc.).
• Provide technical advice and clarifications services supplied
• Apply change management process and implement or install security measures or controls.
• Conduct testing and evaluation for security solutions, including disaster recovery testing.
• Be part of the on-call operational support team roster. The role requires being on standby or on call after hours and weekends, on rotational basis.
• Responsible for ensuring a positive customer relationship.
• Ensuring that incidents and reports are communicated to the intended recipients.

What We Look for in a Candidate

• 3-5 years thorough knowledge and experience in Network Security.
• Thorough knowledge of the TCP/IP protocol Suite, VLSM, IP address allocation.
• Network Security engineering skills (Firewall, IPS, proxy, web filtering, email filtering, firewalls, APT detection, next gen firewalls)
• Deep understanding of major security protocols and cyber security including intrusion detection/prevention protocols
• Advanced level identification, investigation and resolution of major/complex incidents/vulnerabilities that affect the security of information assets
• Strong practical knowledge of network concepts including DNS, DHCP, VPN, network protocols, port configuration, link aggregation, and performance tuning.
• Able to configure and verify router hardware and software operation using all commands with a strong knowledge of all protocols.
• Knowledgeable and skilled in troubleshooting Network devices, Firewall, IPS, proxy.
• Flair for translating information security requirements into IT security controls and measures
• Passionate and knowledgeable in information security management / cybersecurity
• As with most other jobs that involve working with network technology, Network Security Engineer must be meticulous and detail oriented, examining every aspect of the system to guarantee security and spot software bugs or anomalous activity
• Position must be mindful of client needs and clearly communicate complex information. The Network Security Engineer must monitor network performance; provides reports on problem areas to clients; creates and analyzes network reports to identify network trends and initiate corrective action.
• Strong analysis skills to perform network and system vulnerability assessments, identifying and prioritizing security issues, and documenting findings and recommendations.
• Strong customer focus and quality mindset.

Preferred Requirements

• Knowledge of other networking technologies, including:
• FortiGate, Forti Manager(Good to have), Check Point, and Palo Alto
• Use of packet capturing technologies such as Wireshark, tcpdump, and NetScout.
• Knowledge of platform technologies including Microsoft Windows, Unix, and Linux.
• A degree in IT or equivalent proven experience in technical support roles for high-availability data centre infrastructures.
• ITIL accreditation

Job purpose:

This position is part of the Asia information Security and Data Protection function in Singapore with focus on data loss prevention (DLP) and data protection (DP).

Key activities:

• Serving as the primary point of contact for authorities and stakeholders regarding compliance with Data Loss Prevention (DLP) regulations and the support to data protection (DP).
• Maintaining data protection policies, procedures, and guidelines, monitoring compliance with data protection laws and regulations and data loss prevention related requirements and ensuring appropriate measures are in place.
• Conducting data protection impact assessments (DPIAs) to identify and mitigate risks associated with the processing of personal data.
• Collaborating with IT, legal, HR, and other departments to ensure data protection considerations and controls are integrated into business processes and systems.
• Investigating incidents and breaches related to data loss, breach, or unauthorized access.
• Collaborating with internal teams to integrate DLP solutions with existing infrastructure and security systems. e.g. management of DLP policy and ruleset
• Providing advice, guidance, and training to employees on data protection requirements, best practices, and data breach procedures
• Assisting the Head of Information Security Asia and Data Protection officers in developing and delivering reports to senior management on the organization's data loss prevention and data protection compliance status
• Collaborating with auditors to provide necessary documentation, evidence, and support during audit fieldwork, testing, and reporting phases.
• Reviewing audit findings, recommendations, and reports to identify opportunities for improving information security practices, processes, and controls.

Formal education:

• University or college degree or comparable
• Possession of professional qualifications will be advantageous. e.g. CIPM, CIPP, CISA, CISM, CISSP, CRISC, PMP

Specialist knowledge (work experience, further qualification):

• Minimum 5+ years of related experience in Data Protection, Data Loss Prevention or technology Risk function in financial services industry or consultancy
• Extensive knowledge of the regulatory environment and data protection laws within the Asia region. PDPC, MAS, NAFR, PBOC, JFA
• Experience in cybersecurity, risk management, and familiarity with DLP technologies would be an advantage.
• Strong analytical skills, with the ability to breakdown complex problems into actionable and understandable steps.
• Strong communication, stakeholder management and problem-solving skills are essential.

Role Accountability

This role is responsible for supporting Lubrizol’s Information Security Training and Awareness initiatives to elevate the understanding and adoption of a security culture that reduces overall cyber risk to the organization. Participate in the development and delivery of training and educational materials, Lubrizol’s simulated phishing program, all while providing reporting of activity to stakeholders with a respectful understanding of Lubrizol’s multicultural, global background.

Essential Job Functions

• Support the Information Security Training and Awareness program initiatives, following our internal policies and procedures.
• Identify training needs among the various business units supporting Lubrizol and supporting the phishing simulation program as needed.
• Assist with tabulation and reporting of results of training and phishing activities, tracking activity status in a consistently manner.
• Provide a bridge of communication utilizing all channels available to achieve a positive behavioural change.
• Support the Security Ambassadors program across Lubrizol.
• Gain an understanding of the unique security awareness requirements of Lubrizol business and manufacturing environments and serve as their primary point of contact.
• Instil a security culture that reduces the possibility of information security incidents.
• Provide insight and recommendations as part of a global information security team.
• Other Information Security activities as needed.

Critical Competencies

• Dynamic, initiative-taker that applies their strong, people-centric cyber-risk background along with effective communication and training skills to significantly improve the cybersecurity culture.
• Demonstrated effectiveness of working independently, establishing priorities, and managing task completion.
• Organizational awareness with an understanding of how to engage with employees and contractors to achieve best results.
• A true collaborator with a strong internal customer service approach, able to effectively build relationships and work in a collaborative, global environment.
• Sound decision-making and initiative-taking/creative critical thinking skills.
• Strong people skills.
• Responsive to internal stakeholders.

Required Qualifications

Education / Certifications:

• Associate degree in information technology (IT) or equivalent business experience.
• SACP, CSAP certifications are a plus.

Experience:

• Minimum four (4) years of IT or relevant business experience, preferably working in a cybersecurity team.
• Understanding of cybersecurity, human, and IT risk concepts, along with industry standards.

Skills & Systems:

• Solid experience with Microsoft Windows-based operating systems and Office products.
• Understanding of information security concepts.
• Ability to resolve issues via research and investigation.
• Experience in documenting issues and solutions to assist end user understanding.
• Understanding of the manufacturing environment and its unique information security needs a plus.
• Non-English language proficiency a plus.