Job Description

IT Security Manager (ITSM)
General Information
Req #
WD00075471
Career area:
Information Technology
Country/Region:
Singapore
State:
Central Singapore
City:
SINGAPORE
Date:
Tuesday, December 3, 2024
Working time:
Full-time
Additional Locations:

• Singapore - Central Singapore - Singapore

• Singapore - Central Singapore - SINGAPORE

Why Work at Lenovo
We are Lenovo. We do what we say. We own what we do. We WOW our customers.
Lenovo is a US$57 billion revenue global technology powerhouse, ranked #248 in the Fortune Global 500, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver Smarter Technology for All, Lenovo has built on its success as the world's largest PC company with a full-stack portfolio of AI-enabled, AI-ready, and AI-optimized devices (PCs, workstations, smartphones, tablets), infrastructure (server, storage, edge, high performance computing and software defined infrastructure), software, solutions, and services. Lenovo's continued investment in world-changing innovation is building a more equitable, trustworthy, and smarter future for everyone, everywhere. Lenovo is listed on the Hong Kong stock exchange under Lenovo Group Limited (HKSE: 992) (ADR: LNVGY).
This transformation together with Lenovo's world-changing innovation is building a more inclusive, trustworthy, and smarter future for everyone, everywhere. To find out more visit , and read about the latest news via our .
Description and Requirements
You Will:
xc2xb7 To be the first person and POC for all security incidents
xc2xb7 The ITSM shall inform the parties listed in the Technical SOP within the Expected Response Timeline of the Incident Management.
xc2xb7 The information to be provided shall include the incident reference number, description, date and time and the impact (including who had been affected) of the incident.
xc2xb7 To administer, maintain and assess the implementation of security processes.
xc2xb7 To develop System Owner support for acquiring and sustaining adequate resources for incident response.
xc2xb7 To be the corporate intermediary for coordinating communications between System Owner and incident response personnel.
xc2xb7 To serve as a trusted custodian of incident information for ensuring the preservation and admissibility of evidence.
xc2xb7 To ensure the compliance with the required IT security policies.
xc2xb7 To perform the logs review in all security system manager by AFM team
xc2xb7 To review system logs and to work with agency manager and onsite technical team on necessary actions
xc2xb7 To do regular policy check and review, ensure all are in line with agency requirements.
xc2xb7 To promote IT security awareness and responsibility.
xc2xb7 To participate in incident response table-top exercises, simulation and drills either conducted internally by the Contractor or as required by GovTech.
Resolution for Preventing Recurrence of Security Incidents
xc2xb7 For cases where workarounds are implemented, the ITSM shall identify the root causes and implement permanent resolutions according to the Problem Management process.
xc2xb7 To assist with management/containment/remediation/eradication of security incident
xc2xb7 To assist with Risk assessment
xc2xb7 The ITSM shall be responsible to close all IT security incidents in accordance with the Incident Management process.
xc2xb7 For every IT security incident, the ITSM shall submit to the Representative an incident report in draft within one (1) day and a final version within three (3) days of incident resolution, unless otherwise agreed by the Representative.
xc2xb7 The incident record shall be closed only when the incident report is accepted by the Representative. The Representative reserves the right to verify the details in the incident report against the associated incident record maintained by the ITSM. The incident report shall be in the format defined by the Representative.
He/She is required to participate in following audit activities performed by 3rd party auditors or internal auditors:
(a) IT Security Review
(b) IT Vulnerability Assessment
(c) IT Security Penetration Testing
(d) IT Security Compliance Review
You Bring:
xc2xb7 Minimum 5-7 years of experience in Cyber Security Management
xc2xb7 Must have vulnerability management systems hands on (Tenable SC+, Nessus Manager, DLP, Insider security and Splunk )
xc2xb7 Must have certification :CEH, CISSP or CISA or CISM
xc2xb7 Preferred certifications: PMP, CISM, or other professional security certification added advantage
Preferred skills:
xc2xb7 Application Security
xc2xb7 Open Web Application Security
xc2xb7 Penetration Testing
xc2xb7 Identity Management
xc2xb7 Federal Information Processing Standards (Fips)
xc2xb7 Federal Information Security Management Act
#LPS
Additional Locations:

• Singapore - Central Singapore - Singapore

• Singapore - Central Singapore - SINGAPORE

• Singapore

• Singapore - Central Singapore

• Singapore - Central Singapore - Singapore , * Singapore - Central Singapore - SINGAPORE