Job Description

Roles & Responsibilities, including but not limited to: End-to-End Security Operations

• Inventory and Security Asset management - keep track of company digital/IT assets. Ensure chain-of-custody is present and updated.
• Access Control - ensure that IT applications are given on a need-to-know basis.
• Vendor Management - manage IT vendors and providers to provide services. Ensure that vendors are readily available for BCP/DRP purposes.
• IT Security - continuous monitoring of audit logs of IT application.
• IT Operations - provide in-house technical support and maintenance for all hardware and software; provide hardening and support for domains, such as DNS and cPanel
• Configuration Management - ensure application have the right security controls in place and are updated or review when there are new functionalities of applications.

• Technology Risk Management - work with compliance team to craft, administer and enforce MAS’s Technical Risk Management requirements throughout the business
• Data Protection - in charge of the data protection for all aspects of the business and ensure that the company adheres to all PDPA requirements set out by regulatory bodies
• Business Recovery, Disaster Recovery, and IT Audit - conduct bi-annual review of BCP, DRP or whenever company require. Conduct annual BCP, DRP Test and IT audits. To liaise on VAPT with vendor(s).
• Policies and SOPs - update and review IT policies and SOPs, and ensure staff are educated on the updates.

• Ensure staff are sufficiently trained on IT security and keep abreast of shifting security landscape.
• Set-up staff access to laptops as needed, and remove access as needed.

• Keep abreast with cyber health requirements set out by MAS and other regulatory bodies
  

• Degree in Information Technology or related fields OR any certifications such as CISM, CISSP is preferred. Candidates in the midst of getting degree/certification are welcome to apply.
• Knowledge on IT infrastructure and DNS.
• Minimally, knowledge on command line language and security encryption. Otherwise, knowledge on other coding language such as python and/or java is also possible.
• Knowledge on blockchain technologies is a bonus.
• Understanding on SDLC or SSDLC preferred.
• Ability to diagnose and troubleshoot basic technical issues.
• Experience with configuration of Wi-Fi networks and/or firewall configuration.
• Knowledge/Experience with MAS TRM is preferred.
• Basic/General Knowledge on VAPT scope, and types of testing.
• Willing to learn and keep yourself updated with latest software/hardware changes.
• Team-player. Must be able and willing to communicate effectively with colleagues and vendors.