Job Description

FWD Group is a pan-Asian life insurance business with more than 11 million customers across 10 markets, including some of the fastest-growing insurance markets in the world. FWD reached its 10-year anniversary in 2023. The company is focused on making the insurance journey simpler, faster and smoother, with innovative propositions and easy-to-understand products, supported by digital technology. Through this customer-led approach, FWD is committed to changing the way people feel about insurance. VisitIn Singapore, FWD aims to change the way people feel about insurance by leveraging technology to deliver products and services that are relevant, easy to understand and always convenient for our customers. To this end, we have a direct-to-consumer (DTC) platform that allows customers to buy their preferred life and general insurance products directly from our website; as well as a network of preferred Financial Advisory (FA) firms for customers who want to speak with an advisor before committing to an insurance plan. Whatever their preference, we believe insurance should be simple, reliable and convenient.Similarly, if you are looking for a career where you can create a real impact and celebrate living, we invite you to join us on our exciting journey.PURPOSEMinimize and mitigate the risk and protect the organization\xe2\x80\x99s information against a variety of cyberthreats (cyberattacks; theft or corruption from within; etc.), in line with FWD\xe2\x80\x99s risk enterprise risk management framework.KEY ACCOUNTABILITIES

• Works with IT teams and business functions to make sure that security tools and monitoring applications are compliant with security standards.
• Ensure IT operations and activities comply with Information Security standards set by FWD Group and regulatory standards as required by the Monetary Authority of Singapore (MAS).
• Analyze periodic vulnerability scan reports and collaborate with IT and business stakeholders to remediate identified vulnerabilities promptly. Monitor security patches, updates, exceptions and ensuring timely application across the organization\xe2\x80\x99s systems.
• Analyze hardening configuration reports and collaborate with different stakeholders to remediate identified gaps. Monitor compliance and track exceptions as needed.
• Review and analyze data generated from other Information Security tools and follow-up for remediation action.
• Investigate security alerts and incidents, analyze root causes, and track corrective actions to closure.
• Assist in developing and enforcing security policies, standards, and guidelines.
• Analyze and collaborate with different stakeholders ensure security metric data is complete and accurate.
• Perform periodic Information Security controls as per FWD policies and regulatory compliance bodies (such as hardening configuration review, log reviews, user access review, etc.)
• Collaborate with Group Information Security Team on the various Information Security projects initiatives.
• Collaborate with business functions to ensure employees are aware & trained about cybersecurity issues & practices.
• Other Information Security tasks as required.

• Diploma or Degree in IT, Computer Science or equivalent
• At least 5 years experience
• Relevant certifications (e.g., CC, CISSP, CISM, CEH) or strong desire to obtain those certifications are advantageous.

• Strong analytical skills, attention to detail, and problem-solving abilities.
• Technical skills and hands-on experience with Information Security related solutions considered an asset.
• Good understanding of Cyber Security, IT networking, Windows OS, technical troubleshooting, and problem solving.
• Awareness and understanding of common exploits and vulnerabilities, system hardening and cloud architecture.
• Good communication and analytical skills.
• Sound knowledge of Information Security management frameworks and guidelines such as NIST, ISO 27001, CIS baselines & best practices.

FWD Group