Security Operations & Monitoring
- Monitor ICT systems and services for vulnerabilities, malware, and suspicious activities using advanced tools.
- The role involve proactive threat detection, triage of security events, and leveraging automation to streamline alert handling.
- Continuously review and enhance monitoring processes to strengthen detection capabilities and minimize risk.
Incident Management & Response
- Act as the designated point of contact for cybersecurity incidents.
- Triage, analyse, and escalate incidents in line with established policies and procedures.
- Track remediation efforts for security gaps, audit findings and conduct post-incidentreviews, implement lessons learned to strengthen response processes.
Vulnerability Management & Risk Management
- Design and integrate security systems to reduce exposure to threats.
- Perform regular vulnerability scans across critical and high-value assets, including applications.
- Track remediation progress and provide timely status reports to management and work withdevelopers to remediate application-level vulnerabilities promptly.
- Identify and assess cybersecurity risks, including application security risks and coordinatemitigation measures with relevant stakeholders.
- Update risk registers monthly, ensuring new risks are assessed and mitigation plans documentedwithin two weeks of identification.
Security Reporting, Metrics and Continuous Improvement
- Collect, log, and organise cybersecurity events, incidents, and vulnerability data in a centralized system.
- Analyze data to identify trends and provide actionable insights for management.
- Evaluate the effectiveness of security standards and procedures regularly, review post-incident actions, and incorporate improvements into processes.
- Promote secure development practices, security awareness across teams and encourage participation in security initiatives across divisions.
Requirements
- Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related discipline.
- Relevant professional certifications such as CISSP, CISM, CISA, CompTIA Security+, CEH.
- Global Information Assurance Certification such as GIAC, GSEC ,GIAC or GCIH is advantageous.
- Cloud Security Certifications such as AWS Certified Security - Specialty or Microsoft Certified: Azure Security Engineer Associate is advantageous.
- Additional desirable skills: Knowledge of secure coding practices, application security frameworks (e.g., OWASP Top 10), and experience integrating security into the Software Development Lifecycle (SDLC).
Interested applicants, please Email , and look for
Jensen Fang Lifa
Recruit Express Pte Ltd
EA License No. 99C4599
EA Personnel Registration Number: R2197080
We regret that only shortlisted candidates will be contacted.
