IT Security Officer (LSS)

IT Security Officer
Minimum 10 years of experience in maintaining comprehensive information security programmes within enterprise environments. Responsible for managing and coordinating the performance and delivery of security services under the contract. Candidates should have strong domain expertise and hands-on experience in the following areas:

(a) Information Security Governance (Core)

• Development and enforcement of security policies, standards, and procedures
• Compliance with industry regulations and standards (e.g., ISO 27001, GDPR, HIPAA)
• Conducting risk assessments and maintaining the organisation's risk register
• Familiarity with IM8 Policy for on-premises infrastructure security

(b) Security Architecture

• Knowledge of zero-trust models and micro-segmentation
• Secure cloud architectures and cloud security best practices

(c) Identity & Access Management (IAM)

• Implementation and management of IAM solutions
• Experience with MFA and SSO technologies
• Proficiency in Privileged Access Management (PAM) strategies

(d) Threat Detection & Response (Core)

• Management of SIEM platforms
• Experience with Endpoint Detection & Response (EDR) solutions
• Development and execution of incident response plans

(e) Vulnerability Management (Core)

• Regular vulnerability assessments and penetration testing
• Oversight of patch management processes
• Familiarity with vulnerability scanning tools and remediation practices

(f) Data Protection (Core)

• Data Loss Prevention (DLP) strategies
• Encryption technologies for data at rest and in transit
• Data classification and handling procedures

(g) Compliance & Auditing (Core)

• Ensuring compliance with regulatory requirements and standards
• Conducting internal audits and supporting external audits
• Preparing and maintaining documentation for compliance purposes

(h) Third-Party Risk Management

• Assessing and mitigating risks from vendors and service providers
• Defining and enforcing third-party security requirements in contracts

(i) Operational Technology (OT) Security

• Understanding OT security principles and risks
• Securing ICS and SCADA environments

(j) Service Management

• Contract management
• Change or service request management
• Problem and incident management

(k) Certifications (Mandatory)

• CISSP (Certified Information Systems Security Professional)

If you believe you fit the requirements for the role, please submit your application below or drop us an email directly quoting the job title.

Due to an anticipated high volume of applicants, we regret that only shortlisted candidates will be notified. The information provided is for recruitment purposes only.

Know someone who would be a great fit for this role and get rewarded.

Cornerstone Global Partners (EA License Number: 19C9859) is an affirmative equal-opportunity employer and recruitment firm. We evaluate qualified applicants without regard to race, colour, religion, creed, gender, sexual orientation, gender identity, marital status, national origin, age, veteran status, disability, or any other protected class.

Eugene Then
[Confidential Information]

EA Registration Number: R22104742.

Cornerstone Global Partners Pte Ltd (EA License: 19C9859)