Professional Qualification and Certifications:Bachelors Degree in Computer Science, Information Systems or other related field, or equivalent work experience.Certification in risk, information systems and/or security desiredWork Experience: Minimum 3- 5 years of experience in IT security, Identity and Access Management (IAM), DLP experience, Cloud Security and Governance.Knowledge and skills:Knowledge of IT infrastructure, especially networks, server. Desktop and DLPProven experience as a Cyber Security Engineer with a focus on Symantec DLP solutions.In-depth knowledge of Symantec DLP architecture, components, and capabilities.Strong understanding of data classification, encryption, and data loss prevention techniques.Hands-on experience in designing, configuring, and managing DLP policies and rules.Familiarity with regulatory requirementsExcellent analytical and problem-solving skills, with the ability to troubleshoot complex technical issues.Effective communication skills, with the ability to convey technical concepts to non-technical stakeholders.Knowledge of Third-party Risk management. Conducting Risk assessment and Cloud assurance.Experience in security management, security and network architecture and/or designExperience in implementing and maintaining IT security processesExperience in creating and reviewing IT security policies for complianceSkills and knowledge in data privacy, best practices such as; defence in-depth, least privileges, need-to-know, separation of duties, access controls, encryptionKey Processes Supported:This role supports to following critical Head Office processes:Interpret cyber security and corporate risk, and governance frameworksDevelop applicable policies and standardsMonitoring and reportingEnsuring policy compliancePerform daily, weekly, monthly system health checks for VPN, F/W and ProxyImplement approved configuration/rule changes for VPN, F/W and ProxyEnsure application/system security and availability thru load balancing and optimisation (F5)Run adhoc reports for VPN, F/W and ProxyRespond to P1, P2 and P3 Events and AlertsFine Tune Use Cases with SOC and OPSWork with SOC to analyse threat intelligence and technical analysisConduct Cyber Incident Exercises to test preparednessSet and implement user access controls and identity and access management systemsMonitor network and application performance to identify and irregular activityPerform regular audits to ensure security practices are compliantDeploy endpoint detection and prevention tools to thwart malicious hacksSet up patch management systems to update applications automaticallyImplement comprehensive vulnerability management systems across all assets on-premises and in the cloudDocument network, system, and application user access control procedures and feedback to management to update policies and processes when vulnerabilities are uncoveredCentral point for all IT systems access requests for services or informationValidate legitimacy of requests; ensure proper approvals and execute per the access policies, regulations and proceduresDevelop and maintain user access application inventoryDistribute access control reports to support periodic reviewsProvide required Management Information ReportsWork with business stakeholders and participate in company projects to ensure that onboarding of new applications is managed in alignment with data governance policies.Develop and implement regular access control process improvementsHeightened awareness of Cyber Security.Share Vulnerabilities/Threats discovered and Mitigation Strategies with the user communityInform stakeholders about inappropriate use of IT systems/ServicesPerform vulnerability testing, risk analyses and security assessmentsRespond immediately to security-related incidents and provide a thorough post-event analysisUpdate and upgrade security systems as neededDefine, implement and maintain corporate security policies and proceduresPlan, research and design robust Security Architectures and Strategies for IT and OT projectsAct as an SME for Cyber Security related issuesConduct technical risk assessment to capture security exceptions and design associated controls