Senior Analyst, Network Security
At Prudential, we understand that success comes from the talent and commitment of our people. Together, we have a shared vision in securing the future of our customers and our communities. We strive to build a business that you can shape, an inclusive workplace where everyone's ideas are valued and a culture where we can thrive together. Our people stay connected and tuned in to what's happening around us, keeping us ahead of the curve. While focused on the long-term, we look to the future to bring growth, development and benefit to everyone whose lives we touch. Job Purpose:
This role is to drive Penetration Testing, network monitoring and Firewall review and approval operations within Prudential that span 11 countries and over 20 business units across Asia on an annual and ad-hoc basis. This candidate is to act as firewall request reviewer to ensure the risky firewall request is properly assessed. The candidate is also expected to have technical domain knowledge in Web application security, Mobile application Security, Infrastructure security. Job Responsibilities:
- Able to coordinate and drive Penetration Testing engagement with 3rd party vendors from understanding the scope, discussing and finalizing with vendor on scope of work, management end to end engagement, understanding identified findings and assist queries from business units on resolution
- Act a focal point for all firewall review and approvals from all LBUs and Engagement.
- Act as backup point on Penetration Testing engagements from an advisory and consultation role
- Assist business units in scoping requirements on Penetration Testing activities.
- Lead and collaborate with SMEs on all automation initiatives
- To support cloud base penetration testing and application penetration testing on agile environment practicing CI/CD.
- Assess firewall rules request ensuring the review is conducted according security policy and practices
- Implement Network Security operation improvement to align with RI&TS strategies and roadmap and improvement on operational effectiveness.
- Execute day-to-day operations of the Network Security and Metrics Reporting service catalog to meet the SLA which defines on the service catalog.
- Assist lead in managing key stakeholders (such as LBU, RT) for all Network Security related matters to ensure stakeholder concerns are understood, conflicts managed and addressed effectively, relationships are maintained better influence key decisions for better work effectiveness.
- Monitor and assess vulnerability/critical patch intel to ensure critical/high risk vulnerability communicated to the respective stakeholder and follow-up on remediation action.
- Bachelor degree in Information Technology / Computer Engineering / Computer Science.
- Experience hired of 2 to 5 years in supporting large organization with focus in IT security.
- Strong analysis skills and eye for detail.
- Experience in Automation
- Experience in coordinating and handling of penetration testing engagement.
- Good Project Management and Coordination skills are preferred.
- Knowledge in either OWSAP, NIST and other Penetration Testing methodology
- Experience in vendor and stakeholder management
- Ability to interact and communicate well at all levels of hierarchy