As a Security Analyst at Deriv, you will help the Information Security Manager examine and update our information technology (IT) security policies and procedures. In addition, you will evaluate the security control design and determine the efficacy of our security IT posture. Another major responsibility of yours will be coordinating with business stakeholders to monitor and improve our risk management, vendor management, vulnerability management, and information security policy governance.
Your challenges
Conduct continuous monitoring to test security controls throughout cloud environments.
Support business stakeholders with system changes and project tasks related to Deriv IT systems from development to production.
Create metrics and dashboards to keep track of security incidents, vulnerabilities, and threats.
Participate in audit observations by internal and external auditors, and respond to identified findings per applicable guidelines. Compile and share audit findings with respective systems and infrastructure teams in the IT department for resolution.
Take data leak prevention (DLP) measures on end-point devices and email; monitor alerts, follow up, and remediate when necessary.
Coordinate with management to plan and manage the security awareness training programme.
Requirements
University degree in IT or a relevant field, or equivalent work experience
6+ years of relevant experience in information security, including the CIA triad, RBAC, security industry best practices, vulnerability, attack vectors, IOCs, encryption, encoding, and different types of threat actors
Experience in IT security compliance audits
Experience in common information security frameworks such as CIS, GDPR, and ISO 2700x series
Knowledge of cloud environments such as AWS
Ability to work both independently and with multiple teams
Good interpersonal skills
Excellent spoken and written English communication skills