Job Description

- Plan and execute the IT Security Roadmap to improve operational readiness and awareness of changing threat scenarios.
- Initiate, develop and drive ongoing cyber security governance policies and framework to align with industry best practices and regulatory requirements.
- Support the team in communicating and interpreting the baseline controls to the relevant stakeholders.
- Develop, implement and monitor reporting mechanisms for governance, security and risk practices to support compliance and highlight areas of risk exposure.
- Perform continuous review to assess the adequacy and effectiveness of measures in compliance with policies, standards and regulatory requirements and coordinate with the stakeholders to develop and track risk remediation plans for security weaknesses identified.
- Plan and manage the cyber security education and promote awareness program by conducting effective cyber security awareness campaigns, trainings and APT (Advanced Persistent Threat) drill exercises such as email phishing simulation.
- Respond timely to IT security incidents and conduct investigation and necessary follow-up actions including containment, recovery and preventive actions.
- Work with the relevant IT operations team to respond to cyber threat and vulnerability alerts in a timely manner and stay abreast of cyber security related risks.
- Support and conduct cyber security review for proposed new systems or solutions in the organization.
- Manage vulnerability assessments and penetration testing with security service providers and work with stakeholders to ensure timely resolution of any control weaknesses.
- Work closely with the internal and external auditors to facilitate cybersecurity audits, reviews and timely closure of audit outcomes.
- Other ad-hoc duties as assigned.
Requirements
- 4 years of related work experience in cybersecurity management, security risk management, security governance framework and compliance (IT Security Audit / log review), technical vulnerability management (vulnerability assessment, penetration testing), application security, security technologies (system hardening, IDS/IPD, firewall), security incident response and security assessment.
- Strong understanding of ISO27001 and NIST standard.
- Good presentation, verbal and written communications skills with the ability to work with cross functional teams and stakeholders to formulate, institute real time awareness of security posture and baseline.
- Diligent, resourceful, and able to multitask in a dynamic work environment with a meticulousness in planning and tracking.Lim Shen Chee (Reg No. R1660557)
EA License No. 07C5771Job Type: Full-timeSchedule:

• Monday to Friday