Search by job, company or skills

S

IT Security Officer (ITSO)

SEDHA CONSULTING PTE. LTD.
Singapore
3-5 Years
SGD 7,500 - 10,000 per month
new job description bg glownew job description bg glownew job description bg svg
  • Posted a month ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Role Overview

We are seeking an experienced IT Security Officer (ITSO) to focused on Governance, Risk, and Compliance (GRC) across both end-user computing, on-premises and cloud environments. ITSO acts as a subject matter expert who ensures that systems and procedures are align with the IM8 policies and standards.

Key Responsibilities

Develop cybersecurity Standards and Policies:

  • Develop and maintain cybersecurity standards, procedures, and rulesets based on best practices and IM8 compliance
  • Perform risk assessments on system deviations and new project functionalities

Compliance & Hardening:

  • Conduct system hardening checks using CIS Benchmarks and IM8 standards
  • Perform security reviews to ensure remediation of audit findings
  • Run table-top or simulation exercises

Audit Coordination & Management:

  • Act as primary interface for internal and external auditors
  • Coordinate Request for Information (RFI) processes
  • Ensure evidence collection and prompt provision to auditors

Security Monitoring Support:

  • Monitor and respond to security alerts and incidents (phishing, malware, endpoint alerts)
  • Coordinate with system operators to identify potential threats
  • Perform basic triaging before escalation to next level security responder
  • Provide updates to stakeholders

Vulnerability and Penetration Test Management:

  • Perform vulnerability assessment and penetration test activities using automated and manual tools
  • Provide actionable remediation recommendations
  • Understand published vulnerabilities and their security patches in context of deployed systems
  • Perform risk assessments on vulnerabilities

On-Premise and Cloud Security Governance:

  • Monitor and notify security patch releases for various environments (End-User computing, On-Premise Office Networking, GCC, GCC+)
  • Assess security patch ratings using CVSS standards
  • Consider deployed environment context when rating patches

Stakeholder Engagement:

  • Present vulnerability scanning results, security testing results, and security incidents to management
  • Conduct security awareness training for users
  • Act as bridge between technical teams and management

Experience & Qualifications:

  • Bachelor's degree in computer science, IT, Cybersecurity, or related field
  • Minimum 3 years relevant experience
  • Experience in network security, secure application development, cryptography, mobile security, cloud hosting, or DevSecOps
  • Experience working with teams to create security policies and procedures
  • Security certifications (SANS GCIH, CISSP, CISM, CISA, AWS/Azure security) preferred

Technical Skills:

  • Proficient with tools like Tenable, Nessus, and Splunk
  • Familiar with cloud security platforms (AWS Security Hub, Microsoft Defender/Sentinel for Cloud)
  • Understand cybersecurity investigation processes and vulnerability assessment/penetration testing (VAPT)
  • Good stakeholder management skills
  • Strong presentation skills
  • Write clearly and concisely

Good to Have:

  • Government sector experience
  • Healthcare industry knowledge
  • Digital transformation background

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
It Security
Employment Type:
Full time

Job ID: 140234945

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 30-01-2026 05:26:23 PM
Homejobs in SingaporeIT Security Officer (ITSO)