Develop and maintain IT security policies and action plans, reviewing them at least annually or as required by the Customer
Evaluate and recommend IT security products and solutions for implementation within the Customer's IT infrastructure
Implement and manage risk assessment methodologies, ensuring compliance with relevant service management requirements and industry standards
Develop and implement security management frameworks and governance structures as specified by the Customer
Establish and manage IT Security Incident Management processes, including detection, response, and handling of security incidents according to Customer guidelines
Collaborate with external partners and suppliers to resolve IT security incidents effectively
Participate in and contribute to industry-wide IT security incident response simulations and technical assessment exercises
Conduct forensic investigations when required, including secure disk image acquisition and analysis within specified timeframes
Monitor, analyse, and report on emerging security threats, vulnerabilities, and solutions relevant to the Customer's IT infrastructure
Conduct regular meetings with key stakeholders to highlight security issues and propose improvements to the Customer's IT infrastructure
Liaise and coordinate with external suppliers, security organisations, and the Government on IT security matters related to the Customer's infrastructure
Perform additional activities as necessary to secure the Customer's IT infrastructure
Review and follow up on security reports generated from central security tools, providing timely updates to the Customer
Manage the inventory of IT assets to be monitored by central security tools, ensuring compliance and proper onboarding of servers, networks, and databases
Requirements
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field
Proven experience in IT security, with a focus on infrastructure security
Strong understanding of information security principles, best practices, and relevant regulations
Experience with a range of security tools and technologies
Familiarity with forensic investigation techniques and tools
Excellent analytical and problem-solving skills
Strong written and verbal communication skills
Ability to work effectively both independently and in a team environment
Experience in liaising with external partners and suppliers on security matters
