NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 14,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.
Job Description
The Cloud Security Administrator is responsible for managing and maintaining the security posture of cloud-based systems and services. This role oversees security incident management, vulnerability management, compliance reviews, and security operations reporting, ensuring adherence to organizational policies and regulatory requirements. The engineer works closely with development teams, third-party security consultants, and stakeholders to assess risks, remediate vulnerabilities, conduct security testing and exercises, and continuously strengthen cybersecurity controls across the cloud environment
Responsibilities
- Security Admin is responsible for the Security Incident Management and reporting and Security operation monthly reporting to Authority.
- Generate monthly security reports to be included into the O&M monthly progress reports.
- Review Ship-Hats Vulnerability reports during System Enhancements (SR implementations) and guide developers to fix the vulnerability issues and answer LTA for any vulnerability justifications.
- Review the compliance of the EC3S system with the IM8 policy.
- Host third-party security consultants during annual VAPT and follow up on rectification actions based on VAPT reports.
- Any Host Configuration issues found during annual VAPT, security engineer review and fix the issues
- Conduct Annual Table Top Exercise to strengthen cybersecurity practices
- Review Risk Register on monthly basis and conduct Annual Risk Register Review along with LTA project team
- Manage ad-hoc security incidents
- The Security Administrator's responsibilities shall comprise minimally all Network Security Group, Security Logging, Log Reviews, PIM Administration, Audits and any other security-related work.
Qualifications
- At least five (5) years of experience in performing reviews of software security, software development processes and other security-related works.
- Possess industry accepted security certifications (such as Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA), Certified Information Systems Manager(CISM) or equivalent).
- Strong understanding of Azure cloud platform, Network security, Container Security, firewalls, VPCs, VPNs
- Hands-on experience with Cloud security tools such as sentinel, Azure Monitor, Trend Micro, Defender and carbon black
- DevSecOps practices (CI/CD security, SAST/DAST)
- Effective communication, interpersonal and analytical skills.
Additional Information
We are driven by our AEIOU beliefsAdventure, Excellence, Integrity, Ownership, and Unityand we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.
Together, we make the extraordinary happen.
Learn more about us at ncs.co and visit our LinkedIn career site.
We are driven by our AEIOU beliefsAdventure, Excellence, Integrity, Ownership, and Unityand we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.
Together, we make the extraordinary happen.
Learn more about us at ncs.co and visit our LinkedIn career site.
Scam Alert
We are aware of fraudulent job offers and impersonations of NCS recruiters. Phishing emails using convincing-looking but fake addresses are also commonly used to trick you into thinking that they come from official NCS sources.
Please note that all official communications from NCS Group will only be sent from verified corporate email addresses. Always check that the sender's email address ends with the genuine NCS domain, @ncs.com.sg and beware of extra letters, symbols or misspellings. When in doubt, verify the sender's identity by contacting us at [Confidential Information].
