Cybersecurity Analyst

Job Scope

The Cybersecurity Analyst is responsible for developing and implementing comprehensive information security programs within the organization. This role involves determining access requirements, planning and executing security initiatives, and maintaining the overall cybersecurity posture. The analyst will defend digital assets, including systems, networks, and data, against malicious threats. Key responsibilities include establishing and enforcing security frameworks, implementing and auditing controls to prevent data breaches and cyber-attacks, and ensuring adherence to both internal and external security mandates.

Communication

• Internal: Regular reporting to hierarchy, policy implementation, information exchange, KPI discussion, and inter-departmental service provision.
• External: Not applicable.

Key Duties and Responsibilities

• Define information access privileges and implement security programs accordingly.
• Monitor and advise on information security matters to ensure robust internal cybersecurity controls.
• Develop and publish cybersecurity policies, procedures, standards, and guidelines aligned with best practices and compliance needs.
• Investigate and address computer security procedure violations, ensuring repeat offenses are prevented.
• Coordinate and execute cybersecurity projects for the organization.
• Notify senior management and the IT department of suspected cybersecurity incidents and threats.
• Conduct organization-wide data classification assessments and security audits.
• Assist in creating cryptographic protocols for securing emails, files, and sensitive data.
• Contribute to the development of incident response plans and annual IT risk assessments, including mitigation strategies.
• Document cybersecurity incidents, emergency responses, procedures, and conducted tests.
• Collaborate with government IT and legal departments to ensure compliance with safety and security regulations, implementing mandated policies to manage vulnerabilities.
• Develop and manage user security awareness programs for all computer users.
• Support the organization's efforts to achieve ISO 27001 Information Security Management certification.
• Participate in risk assessments for current and new projects, ensuring comprehensive cybersecurity coverage.
• Create and edit cybersecurity-related documentation and technical specifications for security safeguard assessments.
• Provide support for Industrial Control Systems, Electrical Automation Systems, cybersecurity systems, and network operations.
• Engage in cybersecurity research to stay updated on the latest security issues and contribute to cybersecurity education.
• Perform other duties as assigned by the direct supervisor.

Additional Information

This role requires a proactive approach to cybersecurity, ensuring the protection of company and third-party information assets.