[What the role is]
As an IT Security Officer, you will be responsible for monitoring, analysing, and strengthening the organisation's cybersecurity posture. You will support governance, risk management, incident response, and compliance activities to safeguard ICT systems and data in alignment with Singapore Government cybersecurity policies and ITE's Cybersecurity policies (e.g. IM8, GovTech standards)
[What you will be working on]
Be part of the IT Governance and Security Team to:
- Develop frameworks and processes to support both Enterprise and Teaching & Learning business objectives of ITE
- Develop, implement and monitor reporting mechanisms for governance, security and risk practices to support compliance and highlight areas of exposure.
- Review to identify security risks and breaches to ensure the organisation's assets and information are appropriately secured at all times.
- Provide cybersecurity guidance to project teams to ensure secure design and implementation
- Review system architectures and recommend appropriate security controls based on best practices (e.g. Zero Trust, defence-in-depth)
- Support integration of security requirements into system development lifecycle (SDLC)
- Communicate security basics to the general user population including formulating Security Awareness program to raise user awareness and understanding of basic security concepts
- Monitor and review compliance with risk management strategies and practices to ensure ICT-related activities are meeting Singapore Government Instruction Manual and relevant ICT security best practices.
- Conduct threat analysis using threat intelligence sources to identify emerging risks.
- Perform vulnerability assessments and support remediation tracking across systems
- Analyse logs and security events to identify potential security weaknesses and attack patterns.
- Lead in the investigation of cyber security incidents by working with other government agencies such as GovTech and CSA.
- Coordinate incident response activities and support containment, eradication and recover efforts when required
- Monitor and report on cybersecurity posture, risk exposure and compliance status
- Support cybersecurity aspects of Business Continuity and Disaster Recovery planning
- Participate in tabletop exercises (TTX) and incident simulations to improve organisational readiness
[What we are looking for]
- Possess suitable academic or professional credentials in Information Technology, Computer Engineering, Computer Science or related fields.
- Possess relevant IT Cybersecurity certifications (eg CEH, CISSP, OSCP, CISM and GIAC equivalent certifications) would be an advantage.
- Minimum 5 years experience in IT Security & Operations.
- Having experience in leading cross-functional teams in IT Governance and/or IT Security & Operations would be an advantage
- Possess leadership qualities as well as good people and collaboration skills. - Good presentation, verbal and written communications skills.
- Diligent, resourceful and able to multitask in a dynamic work environment
- Meticulous in planning and tracking
- Familiarity with tendering procedures, ICT Security Standards in Singapore Public Service and managing IT budgets would be an advantage.
