Senior IT Security Analyst

Wave Money

Lokasi pekerjaan

Bangkok

Detail Pekerjaan

This role will be responsible for ensuring the company’s IT Infrastructure and sensitive information are protected in a secured manner. This role focuses on ensuring the company’s digital assets are protected securely and will play an important role in driving Information & Cyber Security transformation of the organization. You must have experience in Reverse Engineering and Malware Analysis.
• *Key Results Area**

• Assist in maturing Vulnerability Assessment and Security Testing process of the organization.
• Analyze and dissect malware samples to understand their behavior, functionality, and propagation methods, enabling effective threat mitigation strategies.
• Provide timely support during security incidents by conducting rapid analysis of suspicious files, network traffic, and system logs to aid in containment and remediation efforts.
• Support in developing the IT Security and Compliance program of the organization, tracking the progress and coordination between stakeholders and counterparts.
• Assess the security exposure of the organization’s Digital Assets including, but not limited to, the organization’s sensitive information, systems and products.
• Involve Security Monitoring and Incident Handling, Threat Hunting.
• *Job Description**

• Conduct in-depth analysis of software binaries, firmware, and network traffic to identify security vulnerabilities, weaknesses, and potential attack vectors.
• Analyze malware samples to understand their behavior, functionality, and propagation methods.
• Develop and maintain in-house sandbox environments for malware analysis.
• Analyze Android and iOS applications to uncover vulnerabilities, malicious code, and potential threats.
• Stay updated with IT Security industry trends and assess relevance to the organization.
• Keep up with the latest vulnerabilities and malware outbreaks proactively.
• Develop and maintain custom tools and scripts for reverse engineering and malware analysis.
• Document findings, analysis results, and recommendations in clear and concise reports
• Develop and maintain metrics to measure the effectiveness of security controls
• Work closely with other members of the cybersecurity team to develop and implement effective mitigation strategies for identified vulnerabilities
• Provide technical expertise and guidance to other members of the cybersecurity team on emerging threats, vulnerabilities, and attack techniques and advise proactive controls upon business impact assessment
• Collaborate with other teams within the organization to enhance security awareness, response, and resilience.
• Perform threat hunting activities based on realistic industrial hypothesis
• Respond proactively in Security Incident Response from detection to closure. Perform post-mortem on security breaches and incidents to identify the root cause and preventive actions
• Conduct Security Assessments and Testing through vulnerability testing and risk analysis of Wave Money’s IT Infrastructure, sensitive information, products, and digital assets
• Keep tracking on latest threat trends and advise proactive controls upon business impact assessment.
• Verify the security of third-party vendors and collaborate with them to meet security requirements.
• Contribute to team by accomplishing related results as needed.
• *Job Requirements**
• 3 years of work experience as a Security Analyst or similar role
• Bachelor’s Degree or Higher in Computer Science or Technology; OSED, eCMAP and/or CREST certifications holders
• Must have experience in Computer Forensics and Reverse Engineering
• Strong understanding of assembly language (x86/x64, ARM) and low-level system internals.
• Proficiency in reverse engineering tools such as IDA Pro, Ghidra, Frida or similar.
• Knowledge of common security vulnerabilities and exploitation techniques.
• Proven working experience of IT Compliance, Information and Cyber Security on on-prem, private cloud and public cloud environments.
• Strong communication skills with the ability to explain findings and recommendations.
• Ability to track vulnerability advisories and remediation status.
• Strong working experience with SecOps Tools and Commercial Security Testing Tools
• Previous working experience in Security Testing, Reverse Engineering, Malware Analysis, Secure Architecture review and/or Security audit.
• Relevant experience in a Financial Institution will be a plus

Situs web kami menggunakan Cookies dengan tujuan meningkatkan aksesibilitas dan kualitas kami. Silakan klik "Setuju" jika Anda menyetujui penggunaan Cookie kami. Untuk melihat detail lebih lanjut tentang bagaimana perusahaan kami menggunakan Cookies, silakan lihat di sini.

Kebijakan Cookie