We are seeking an experienced Senior Executive/Assistant Manager, IT Security to join our team supporting travel services products and hospitality operations. The role will focus on protecting our IT infrastructure, applications, and customer data, ensuring compliance with industry best practices and regulatory requirements.
This is a 2-year contract position, ideal for candidates with hands-on experience in security monitoring, incident response, and IT governance within dynamic business environments.
Responsibilities:
- Monitor security systems to detect, identify, and respond to attacks, intrusions, anomalous activities, and misuse.
- Follow and enforce cyber defense policies, procedures, and regulations.
- Analyze network traffic and log files (host, firewall, IDS/IPS) to identify potential security threats.
- Correlate alerts from multiple sources and determine root causes.
- Maintain and fine-tune monitoring solutions and correlation rules for effective threat detection.
- Perform network topology reviews to understand data flows and potential vulnerabilities.
- Develop, maintain, and execute security incident response methodologies and ensure escalation within SLA.
- Review and optimize automated workflows in SOAR (Security Orchestration, Automation, and Response) solutions and advise the internal CERT (Computer Emergency Response Team).
- Develop, update, and enforce IT security policies aligned with Singapore Government Instruction Manual and industry best practices.
- Collaborate with internal teams to audit IT systems, ensuring statutory compliance and risk management.
- Provide guidance on IT security risk assessments for new projects and business applications.
- Liaise with auditors and government agencies to support IT security audits and investigations.
- Lead security awareness initiatives and training for general users.
- Maintain Disaster Recovery Plan (DRP) & Incident Recovery Plan (IRP) in alignment with Business Continuity Plans (BCP) and conduct regular IT system risk assessments and lead Tabletop Exercise (TTX) with IT development team.
- Support project teams to ensure timely compliance reporting to internal and external stakeholders.
- Participate in IT security architecture reviews and maintain security inventories (risk registers, risk assessments, application inventories, security cartography).
- Conduct source-code reviews on critical applications and contribute to secure software development practices as required.
- Periodically report security status and trends to Senior IT Manager.
Requirements:
- Bachelor's Degree in Information Technology, Computer Engineering, Computer Science, or a related field.
- Minimum 5 years, up to 7 years of relevant IT security experience, preferably in travel, hospitality, or customer-facing services.
- Relevant certifications in IT Governance, Security, or Project Management (e.g. CISSP, CISM).
- Experience with Dynamic Application Security Testing (DAST) tools and web application vulnerability scanning per OWASP Testing Guide.
- Strong knowledge of IT security concepts, network administration, and software development security.
- Experience with common security products (RSA, Symantec, firewalls, IDS/IPS).
- Knowledge in hardening operating systems and security best practices (e.g. CIS Benchmarks, PCI DSS, HIPAA, NIST frameworks)
- Strong analytical, problem-solving, communication, and report-writing skills.
- Detail-oriented, resourceful, and able to handle multiple priorities in a dynamic work environment.
- Confident and professional in managing internal and external stakeholders.
- Advantage: background in Information Systems or experience with hospitality/travel technology systems.
