Job Description

Responsibility

• Develop and maintain IT security policies and action plans, reviewing them at least annually or as required by the Customer.

• Evaluate and recommend IT security products and solutions for implementation within the Customer's IT infrastructure.

• Implement and manage risk assessment methodologies, ensuring compliance with relevant service management requirements and industry standards.

• Develop and implement security management frameworks and governance structures as specified by the Customer.

• Establish and manage IT Security Incident Management processes, including

• detection, response, and handling of security incidents according to Customer guidelines.

• Collaborate with external partners and suppliers to resolve IT security incidents effectively.

• Participate in and contribute to industry-wide IT security incident response simulations and technical assessment exercises.

• Conduct forensic investigations when required, including secure disk image acquisition and analysis within specified timeframes.

• Monitor, analyse, and report on emerging security threats, vulnerabilities, and solutions relevant to the Customer's IT infrastructure.

• Conduct regular meetings with key stakeholders to highlight security issues and propose improvements to the Customer's IT infrastructure.

• Liaise and coordinate with external suppliers, security organisations, and the Government on IT security matters related to the Customer's infrastructure.

• Perform additional activities as necessary to secure the Customer's IT infrastructure.

• Review and follow up on security reports generated from central security tools, providing timely updates to the Customer.

• Manage the inventory of IT assets to be monitored by central security tools, ensuring compliance and proper onboarding of servers, networks, and databases.

Requirements
Experience And Skills Needed

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field

• Proven experience in IT security, with a focus on infrastructure security

• Strong understanding of information security principles, best practices, and relevant regulations

• Experience with a range of security tools and technologies

• Familiarity with forensic investigation techniques and tools

• Excellent analytical and problem-solving skills

• Strong written and verbal communication skills

• Ability to work effectively both independently and in a team environment

• Experience in liaising with external partners and suppliers on security matters

Desired Certifications:

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)

• GIAC Certified Incident Handler (GCIH)

Skills Required