Job Description

COMPANY DESCRIPTION
Singapore Management University is a place where high-level professionalism blends together with a healthy informality. The 'family-like' atmosphere among the SMU community fosters a culture where employees work, plan, organise and play together – building a strong collegiality and morale within the university.

Our commitment to attract and retain talent is ongoing. We offer attractive benefits and welfare, competitive compensation packages, and generous professional development opportunities – all to meet the work-life needs of our staff. No wonder, then, that SMU continues to be given numerous awards and recognition for its human resource excellence.
DESIGNATION : IT Project Manager (Security), IITS

RESPONSIBILITIES

• This position is for Office of Integrated Information Technology Services (IITS)
• IT Security Management
  • Responsible for Cybersecurity compliance in accordance to MOE security posture for IHL as well as providing related updates & reports
  • Assist in IT Security policy formulation, management and planning. Develop the security strategy suited for SMU
  • Assist in developing and implementing IT Security policies and related procedures to protect SMU IT infrastructure as well as communicate these policies within SMU
  • Evaluate and recommend security policy, or technologies to address ongoing IT security threats and trends
  • Communicate key security developments and activities to IT management, including escalations of security matters, proposing solutions or recommendations
  • Educate, demonstrate and create awareness to both IT and Non-IT staff on the security arena
• IT Security Project and Consultancy
  • Responsible for managing new IT Security projects following set project management methodology, liaising with the respective stakeholders to ensure proper completion of project deliverables, and regular communication within the team and its business owners
  • Responsible for managing IT Security projects for existing infrastructure that include enhancements and new system implementation to be delivered within project timelines
  • Assist Head of Infrastructure and Head of Cybersecurity to all IT Security matters and/or related projects to team members to ensure the proposal, objective and plan are evaluate and executed successfully
  • Work with other team members and other departments to support and provide consultancy on IT security related issues
  • Provide technical security consultation and integrate standard security practices such as COBIT, ITIL, NIST, ISO27001/2 and ISO17799 into operations and development environment
• IT Security Operations
  • Responsible for Cyber Security infrastructure monitoring to detect and investigate anomalies to ensure the University is secure and protected at all times
  • Work with Infrastructure teams to ensure that daily IT Security operation running smoothly
  • Assist in managing and handling of all IT security incidents
  • Assist in security assessments, security forensics, incident management of requested or planned IT implementations such as identifying and classifying risks, threats, vulnerabilities in relation to SMU’s IT security policies
  • Perform daily IT Security related operations support for IT Security systems as well as liaising with vendors on all IT Security related Infrastructure matters
  • Keep updated on trends in IT Security and new vulnerabilities in Systems/Network area and advise the relevant Administrators
  • Keep abreast with the latest IT Security technologies, methodologies, news and warnings
• Audit (ISO27001 & NIST)
  • Work with Internal and External auditors to facilitate auditing of IT and manage the resolution of findings when required
  • Conduct random audits of IT equipment including controls on servers, network and workstations when required
  • Conduct vulnerability assessment, penetration testing and risk assessment using various scanning and penetration tools when required
  • Alignment ISO27001 with NIST framework as per MOE requirement

QUALIFICATIONS

• Degree or Diploma holder in Computer Science or equivalent/IT background.
• At least 5 to 7 years of relevant working experience in IT environment/Security management
• A CISSP (Certified Information Systems Security Professionals) and CISM (Certified Information Security Manager) qualification with knowledge of ISO 27001/2, ITIL, NIST and COBIT
• Proven track record of delivering IT infrastructure & security projects that involve cross-functional teams and/or matrix organizations with responsibility for budget, scope and schedule
• In-depth knowledge & experience in Cloud Technology Security, User Entity and Behavioral Analytics as well as APT Sandboxing Technologies
• Sound knowledge in Web application vulnerabilities such as OWASP Top 10, Cross-site Scripting, Application Security and SQL injections
• Familiar with operation of NG/Web Application/Database Firewall, VPN, Anti-Virus, Anti-Spam, SIEM, UEBA, Intrusion Prevention/Detection, Data Leakage Prevention System, Cloud Security technologies, Desktop Security & Vulnerabilities Assessment
• Good Knowledge of security standards, best practices and risk assessment with analytical skill
• Technically competent with good knowledge and skills in Network, Linux, UNIX, Windows and SAN, etc
• Strong technology and common business acumen
• A self-starter, always striving for excellence, innovative with service oriented mindsets and initiative to improve processes
• Attention to details and sound decision-making abilities
• Independent, with initiative, positive attitude and keen interest in exploring the areas of IT security
• Good interpersonal verbal and writing skills

OTHER INFORMATION
#LI-JN1 Candidates who do not possess the stipulated qualifications but have relevant work experience may still apply. Remuneration and appointment terms shall commensurate with qualifications and experience. SMU reserves the right to modify the appointment terms where necessary.