This position forms part of the IT Security and Risk team and reports to the Information Security & Risk Manager.

 

The position is primarily responsible for supporting the IT Security and Risk Management for Crown and assisting to implement and promote information security at Crown.

 

IT Security and Risk Analyst is also required to take active involvement in delivery of information security implementation such as ISO 27001 and ensuring IT processes meet necessary security requirements.

 

This position is also required to comply with Crown’s Group IT Policies and other relevant processes as directed.

 

 

Key Tasks and Responsibilities

 

**Incident Monitoring and Response: Continuously monitor security alerts and incidents using Microsoft Sentinel and other tools. Respond promptly to security breaches and incidents, documenting actions taken.

 

**Threat Analysis: Analyze potential security threats and vulnerabilities within the organization’s infrastructure. Utilize Zscaler and other applications to assess risks and recommend mitigation strategies.

 

**Collaboration: Work closely with IT teams to ensure the security of Office 365 and other applications. Coordinate with stakeholders across departments to address security concerns. Coordinate with 3rd party service provided

 

**Documentation and Reporting: Maintain detailed records of security incidents and responses. Prepare reports for management on incident trends, vulnerabilities, and overall security posture.

 

**Continuous Improvement: Stay updated on the latest cybersecurity threats and trends. Recommend enhancements to existing security protocols and tools to strengthen defenses.

 

** Corporate Social Responsibility: Support the company CSR commitment and goals.

 

 

Aptitude, Knowledge and Qualifications

Participate in the delivery of information security and risk management such as vulnerability management, web application assessment, wireless assessment, IAM and SIEM, etc. Perform regular reviews on various IT processes to maintain compliance level. Facilitate various IT Security audits. Report and handle information security incidents in a responsive manner. Provide primary support on client information security inquiries. Demonstrate and promote the company vision and values. Demonstrated commitment to customer service and continuous improvement. Demonstrated ability to set priorities, work autonomously, manage your time and workload and dependably meet strict deadlines. Professional attitude and a willingness to contribute to a team environment. Professional Knowledge and Skills

 

Qualifications:

Bachelor’s degree in Computer Science, Information Technology, or a related field. 4 - 6 years’ experience in similar role. At least 4 years solid experiences in information security and risk management. Experience with Microsoft Sentinel, Zscaler, Office 365, InTune, or similar security applications. Strong understanding of network security principles and practices. Excellent analytical skills with attention to detail. Relevant certifications (e.g., CRISC, CompTIA Security+, CEH) preferred. Cultural sensitivity and awareness. Strong Communication and interpersonal skills. Maintain a broad knowledge of security controls in various IT platforms.

 

 

This position plays a critical role in safeguarding the organization’s digital assets through vigilant monitoring and effective incident response.