Senior Cybersecurity Specialist (2 Years Contract)

Reporting to the Head of Cyber and Governance, the Senior Cybersecurity Specialist will be responsible for supporting the organisation's cybersecurity operations and governance initiatives.

This role involves hands-on management of security monitoring activities, incident response, enterprise security solutions, and cybersecurity governance processes to ensure the organisation maintains a

strong security posture and complies with relevant cybersecurity frameworks and regulatory requirements.

The role works closely with internal IT teams, business stakeholders, and external vendors to monitor threats, manage vulnerabilities, respond to security incidents, and strengthen cybersecurity governance across the organisation.

Vulnerability and Security Monitoring

• Review and analyse security reports including vulnerability assessments and penetration testing results.
• Track identified vulnerabilities and coordinate remediation efforts with infrastructure and application teams.
• Monitor the effectiveness of implemented security controls and provide recommendations for improvements.

Security Awareness and Organisational Preparedness

• Support cybersecurity awareness initiatives including phishing simulations, staff training sessions, and security workshops.

• Assist in planning and conducting Business Continuity Planning (BCP) and tabletop exercises and organisation-wide emergency drills where cybersecurity scenarios are involved.

Cybersecurity Governance and Risk Management

• Conduct security risk assessments and support the development of risk treatment and mitigation plans.

• Support third-party risk management activities including vendor security assessments and due diligence review.

• Establish and maintain cybersecurity guidelines, procedures, and standard operating procedures (SOPs) in alignment with organisational security policies.

• Collate and analyse cybersecurity metrics and key risk indicators to support organisational security reporting.

Audit, Compliance and Assurance

• Support internal and external cybersecurity audits including Information Security (IS) audits and Cyber Trust Mark assessments.

• Ensure cybersecurity practices align with applicable security frameworks, regulatory requirements, and organisational policies.

• Assist in preparing evidence, documentation, and audit artefacts required for compliance reviews.

Security Operations (SOC Support)

• Secondary support of daily cybersecurity operations including monitoring of security alerts, threat advisories, and incident.

• Secondary support in monitoring and managing enterprise security platforms including SIEM, antivirus/endpoint protection, privileged access management (PAM), and phishing awareness platforms.

• Manage and investigate cybersecurity incidents such as phishing reports, suspicious activities, malware alerts, and potential security breaches.

• Track and manage cybersecurity incident tickets and coordinate with relevant teams for investigation, remediation, and closure.

• Provide support for threat intelligence monitoring and respond to emerging cybersecurity threats or advisories.

Security Advisory and Project Support

• Provide cybersecurity advisory and support to application and infrastructure teams for new technology initiatives and system implementations.

• Review security requirements in project proposals, tender specifications, and architecture designs to ensure appropriate security controls are incorporated.

• Collaborate with IT teams and vendors to ensure secure and timely deployment of security solutions.

Collaboration and Vendor Management

• Work closely with internal stakeholders and external vendors to manage security tools, ensure service performance, and support operational improvements.

• Assist in coordinating incident response exercises and operational readiness activities.

Requirements:

• Possess a diploma / degree in Information Technology, Cyber Security or related fields
• Preferably 3-5 years of experience in relevant cybersecurity fields
• Experience in managing security solutions such as Proficio, Tenable, Enterprise Antivirus Solution, PAM, 2FA or other similar security technology stack.
• Experience in supporting Cyber Controls in Cloud Environment (e.g. AWS or Azure) is preferred
• Ability to work with distributed teams to operate, institute real time awareness of security posture and baseline
• Able to engage and manage stakeholders
• Ability to communicate complex concepts clearly across different audiences and varying levels of the organization
• Experience in Project Management will be advantageous
• Experience and knowledge in cybersecurity standards such as Cyber Trust Mark, ISO27001, NIST, etc. will be advantageous
• Passion in contributing to a social purpose through technology
• Highly driven, willingness to learn
• Certifications are encouraged and demonstrate continuous learning and intake of standard methodologies applicable for this role. Eg. CISSP/ CISM/ CISA certifications or equivalent