Search by job, company or skills

A

Security Analyst

avensys services pte. ltd.
Singapore, Ang Mo Kio
3-6 Years
SGD 6,000 - 9,200 per month
new job description bg glownew job description bg glownew job description bg svg
  • Posted 10 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Avensys is a reputed global IT professional services company headquartered in Singapore. Our service spectrum includes enterprise solution consulting, business intelligence, business process automation and managed services. Given our decade of success, we have evolved to become one of the top trusted providers in Singapore and service a client base across banking and financial services, insurance, information technology, healthcare, retail and supply chain.

We are currently looking to hire a Security Analyst. This is an exciting opportunity to expand your skill set, achieve job satisfaction and work-life balance. More details as below.

JOB TYPE:

Long Term Contract

Job Description Overview

Responsibilities:

1. Security Policy Development and Enforcement

- Develop, implement, and maintain IT security policies, procedures, and protocols.

- Ensure that security measures align with business needs, regulatory requirements, and industry standards.

- Review and update policies regularly to address emerging threats.

2. Risk Management

- Assess potential security risks and vulnerabilities within the IT infrastructure.

- Perform risk analysis and recommend appropriate security controls.

- Implement security measures to mitigate identified risks.

3. Incident Response and Management

- Lead efforts in detecting, investigating, and responding to security breaches and incidents.

- Establish incident response plans and procedures for handling security threats.

- Work with other teams (e.g., legal, communications) to manage incident communications and post-incident analysis.

4. Security Monitoring and Auditing

- Continuously monitor IT systems, networks, and applications for signs of security incidents or breaches.

- Implement and maintain security tools, such as firewalls, antivirus software, and intrusion detection systems.

- Regularly audit systems to ensure compliance with security standards and best practices.

5. Compliance and Regulatory Requirements

- Ensure the organization complies with relevant security standards, such as GDPR, HIPAA, PCI-DSS, or other industry regulations.

- Conduct regular compliance assessments and audits.

- Collaborate with legal and regulatory bodies to ensure that security measures are in place.

- Generate reports for accounts review, logs reviews, patch status review, hardening compliance, etc

- Worked with systems owners to ensure vulnerabilities or non-compliances are fixed.

6. Training and Awareness

- Provide cybersecurity training and awareness programs to employees to promote safe practices.

- Conduct simulations and drills (e.g. phishing exercises) to test employee preparedness.

- Keep staff informed about current cybersecurity threats and best practices.

7. Network and System Security

- Oversee the design and implementation of secure network architectures.

- Ensure the proper configuration of firewalls, encryption protocols, VPNs, and other security mechanisms.

- Conduct regular security assessments and penetration tests to identify weaknesses in systems.

8. Collaboration and Communication

- Collaborate with other departments, such as IT operations, legal, and compliance teams, to ensure comprehensive security measures.

- Act as a liaison between management and technical teams for cybersecurity matters.

- Communicate security risks and threats to executive leadership in a clear and actionable manner.

9. Security Tool Selection and Implementation

- Evaluate, select, and deploy security tools, software, and solutions to enhance system protection.

- Stay up-to-date with emerging security technologies and trends.

- Ensure that the tools are properly configured and maintained.

10. Disaster Recovery and Business Continuity Planning

- Develop and implement disaster recovery and business continuity plans to ensure that the organization can continue to operate after a security incident or disaster.

- Ensure backups are conducted regularly and can be restored in the event of a system failure or cyberattack.

11. Vendor and Third-Party Security

- Assess the security practices of third-party vendors and partners to ensure they meet security requirements.

- Develop and enforce security standards for external service providers and contractors.

12. Reporting and Documentation

- Generate regular reports on the state of the organization's IT security.

- Document security incidents, actions taken, and lessons learned.

- Maintain records of security assessments, audits, and compliance activities.

Qualifications

Requirements

- Typically, 5+ years of experience in IT security or a related role (such as network security or cybersecurity analyst) is required.

- Proven experience in handling and resolving security incidents, breaches, and vulnerabilities

- Experience with security audits and ensuring compliance with standards like IM8, AGO etc

- Deep understanding of cybersecurity principles: Knowledge of encryption, access control, firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and other security technologies.

- Risk Management: Proficiency in identifying, assessing, and mitigating cybersecurity risks.

- Networking knowledge: Understanding ofnetwork protocols (TCP/IP, DNS, HTTP/S, etc.), network security practices, and technologies (e.g., firewalls, routers, VPNs).

- Operating Systems: Strong familiarity with various operating systems (Linux, Windows, Unix, etc.) and their security configurations.

- Incident Response: Expertise in managing and responding to security incidents, including identifying, mitigating, and reporting breaches or attacks.

- Vulnerability Assessment & Penetration Testing: Ability to assess vulnerabilities and conduct penetration tests to identify weaknesses in systems.

- Security Tools: Proficiency in security software and tools such as SIEM (Security Information and Event Management), antivirus programs, firewalls, encryption tools, and network monitoring solutions.

- Handle security incidents and alerts from GCSOC, GICS and security devices

- Leadership and Management Skills: Ability to lead teams and manage cross-functional collaboration, especially during incidents or implementation of security measures.

- Strong Analytical Skills: Ability to analyze security incidents, logs, and vulnerabilities and make informed decisions to mitigate risks.

- Problem-Solving: Strong problem-solving ability, especially in high-pressure situations, such as security incidents or breaches.

- Communication Skills: Ability to clearly communicate complex technical issues to non-technical stakeholders, including senior leadership, staff, and external partners.

- Familiar with AWS or Azure Security requirements is added advantage

- Having experience in WOG environment is a plus

- Having experience in GCC Cloudscape and Glasspanel is a plus

- Preferably with CISA for Governance, Comptia Security +, CEH and ITIL certification.

CONSULTANT DETAILS

Consultant Name: Khalid Farooq

Avensys Consulting Pte Ltd

EA Licence 12C5759

Privacy Statement: Data collected will be used for recruitment purposes only. Personal data provided will be used strictly in accordance with the relevant data protection law and Avensys'personal information and privacy policy

More Info

Job Type:
Permanent Job
Industry:
Other
Employment Type:
Full time

Job ID: 144963995

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 25-03-2026 10:47:10 PM
Homejobs in SingaporeSecurity Analyst