EMIT - Global Security Monitoring Analyst
ExxonMobil
- Kuala Lumpur
- Permanent
- Full-time
We are looking for passionate individuals with a security and control mind-set to drive change in our business, and who enjoy working in dynamic, collaborative, and diverse global teams.
We are seeking a Global Security Monitoring Analyst to ensure the integrity and security of our IT systems by monitoring privileged access usage, enforcing compliance with company policies and procedures, and identifying and mitigating risks. The ideal candidate will be detail-oriented, proactive, and possess strong analytical and communication skills.What you will doAs a Global Security Monitoring Analyst, you will play a critical role in safeguarding the integrity and security of our IT systems. Your primary responsibility will be to monitor and enforce compliance with company policies and procedures, particularly regarding privileged access management. You will analyze audit trail reports, ensuring adherence to standard GSM Best Practice guidelines and review frameworks. Additionally, you will collaborate with various stakeholders to identify and mitigate risks, develop new policies, and implement automation solutions to enhance IT risk management and controls compliance. Key deliverables include:
- Monitor audit trail reports on the use of Privileged Access, as per standard GSM Best Practice guidelines, Factsheets and established review framework.
- Responsible to complete the Privileged Access monitoring within the stipulated Service Level Objective (SLO) time frame.
- Ensure compliance with all company policies and procedures.
- Ensure reported events are supported by valid and authorized requests.
- Follow-up on any observations:
- Ensure appropriate measures are taken to correct identified unauthorized activities or misuse of Privileged Access
- Classify the identified observations as per established guidelines into the GSM Incident Management Tool.
- Ensure established escalation process is followed for unresolved observations.
- Once the observation is confirmed, communicate to respective management appropriately.
- Document evidence of review performed into the GSM Incident Management Tool and steps taken on identified observations (if any).
- Coordinate feedback and responses (including complaints) to ensure continuous improvement.
- Responsible for escalating to respective Service Delivery Organization (SDO) if audit trail report is not generated.
- Work closely with Cyber Security team to develop new policies on the supported and new technologies/platforms.
- Investigate potential unauthorized software installed by users detected on ExxonMobil.
- Perform risk mitigation to have the software removed from the environment.
- Work closely with Cyber Security for any potential malicious software detected in ExxonMobil environment.
- Identify and design new automation solutions related with IT Risk Management and Controls Compliance.
- Develop & support IT Risk Management and Controls Compliance tools (e.g., IT System Information Request tool, information for Risk Advisor Dashboard)
Skills:
- Bachelor’s degree in computer science, Information Technology, or any other related field.
- Proven experience in IT compliance, risk management, or related fields.
- Strong understanding of privileged access management and audit trail monitoring.
- Knowledge of IT policies, procedures, and best practices.
- Experience with incident management tools and escalation processes.
- Excellent analytical and problem-solving skills.
- Meticulous attention to detail, sound analytical conclusions and the ability to recognize trends/patterns in data.
- Proficiency in the Microsoft Access, MS SQL, Microsoft Office (Excel Macro) , Outlook, ServiceNow
- Possession of in-depth knowledge and behaviors of Network, applications or IT infrastructure would be an added advantage
- Possess strong technical knowledge especially in SQL database queries with minimum basic working experience / knowledge on SPLUNK queries, dashboard, correlation events activities
- Knowledgeable in development discipline e.g.: RPA, Python, C, Nintex Workflow
- Knowledgeable in any Analytics Tools e.g. Tableau, Power BI, SPLUNK
- Basic knowledge about systems such as SAP, UNIX, ORACLE, SQL, AS400, Network Security (CISCO knowledge) and key system applications e.g. Windows Active Directory, Microsoft Exchange
- Possession of in-depth knowledge about Cloud Computing e.g. Microsoft Azure, AWS, GitHub, Openshift, etc would be an added advantage
- Possession of relevant certifications (e.g., CISSP, CISA) are a plus.
Learn more at our
Facebook:
Twitter:
Instagram:
Subscribe our channel atEqual Opportunity Employer
ExxonMobil is an Equal Opportunity Employer. All qualified applicants will be duly considered for employment.Winner of Malaysia's 100 Leading Graduate Employers Award in the Energy/Oil and Gas/Utilities categoryNothing herein is intended to override the corporate separateness of local entities. Working relationships discussed herein do not necessarily represent a reporting connection, but may reflect a functional guidance, stewardship, or service relationship.Exxon Mobil Corporation has numerous affiliates, many with names that include ExxonMobil, Exxon, Esso and Mobil. For convenience and simplicity, those terms and terms like corporation, company, our, we and its are sometimes used as abbreviated references to specific affiliates or affiliate groups. Abbreviated references describing global or regional operational organizations and global or regional business lines are also sometimes used for convenience and simplicity. Similarly, ExxonMobil has business relationships with thousands of customers, suppliers, governments, and others. For convenience and simplicity, words like venture, joint venture, partnership, co-venturer, and partner are used to indicate business relationships involving common activities and interests, and those words may not indicate precise legal relationships.