Cybersecurity Compliance Analyst- APAC

About The Position

Requirements

• 2-3 years of experience in Security Technologies, Information Security, Business Resilience, Technology Risk or related fields
• External-facing client experience
• Can work independently and with teams to identify and resolve challenges and overcome roadblocks.
• Ability to communicate effectively, both verbally and in writing, with clients and internal audiences
• Understanding of cybersecurity domains, including Security Operations (on-premise and cloud), Security Engineering, Information Risk Management, etc.
• The ability to articulate secure best practices of various aspects of information risk management in the context of people, processes and technology
• Report Writing: Emphasis on Spelling, Grammar, Word usage, and the ability to write a summary that answers the Who, What, Where, When, How, and, to the best of your ability, Why.
• Strong communication skills: Be able to perform summarization and commonality detection and "connect the dots" so that a group of facts is turned into contextual information. Then take that contextual information and determine if it proves your hypothesis right or wrong.
• Ability to quickly learn and adapt security best practices to a wide variety of technologies in use by clientele

Nice To Haves

• Intermediate coding/scripting skills to help automate processes and scale implementation efforts
• Be familiar with technical system access controls, how to apply them, and what benefits are gained from controls.
• Ability to provide on-the-job training and knowledge sharing to other team members
• Solid sense of integrity and identification with the mission.
• Strong intuition and ability to think “outside the box”
• Attention to detail while seeing the bigger picture

Responsibilities

• Assist vCISOs in executing elements and projects, such as risk assessments, within a security program
• Work directly with clients to understand their operations and tailor security policies and procedures that are fit for the organization
• Serve as subject matter expert of Kobalt’s security education platform
• Design and deploy phishing tests to clients regularly
• Provide compliance audit readiness support as required
• Provision, implement, and manage Vanta, or a similar GRC platform, for clients
• Build new tools and techniques to compress human-intensive tasks into work that can be achieved in a fraction of the time
• Document best practice procedures for commonly used technologies for the standardization of deployment
• Identify system misconfigurations and draw up recommendations for clients, and assist where necessary
• Collaborate with team members to assist with improvements, discovery, and production of creative and insightful security use-cases
• Capture regular metrics highlighting key activities, measurable accomplishments, and blockers
• Support the design and development of Kobalt’s service offerings through insightful feedback and a positive attitude as a contributing member of our security delivery team
• Help drive improvements in our best-in-class security services through the creation of knowledge-base articles and services documentation
• Respond to and engage our customers through our ticket system, chat, email, phone, or other mediums as required

Benefits

• Competitive salary and benefits package
• Exposure to diverse client environments
• Professional development opportunities
• Fun and inclusive company culture