Lead IT Consultant (IT Security), Communications and Information Technology
Job ID:
23948
Location:
Singapore
Discipline:
Information Technology
Job Views:
100
Job Description:
As the Lead IT Consultant, you will support the Communications & Information Technology division in all SIT's IT security initiatives
Job Responsibilities:
- Lead the IT Security team to manage and all IT security-related matters that support SIT’s business objectives and strategies.
- Develop and carry out IT security policies and plans.
- Conduct security review of existing systems on their ability to provide adequate defence against the latest security threats.
- Conduct vulnerability assessments and penetration tests for all critical IT systems.
- Drive and conduct IT Security awareness and training like security talks, phishing simulation and incident response exercises.
- Manage and investigate all cyber security alerts and notifications from cyber surveillance and threat intelligence to identify root cause and impact for effective containment, mitigation and future improvements.
- Manage and investigate all IT Security incidents to identify root cause and impact for effective containment, mitigation and future improvements.
- Engage IT project teams throughout the SDLC to identify and prioritize applicable security controls and provide guidance on how to implement these controls.
- Jointly perform, monitor, track and review with IT Governance team and other IT teams on all information systems and infrastructure and security.
- Maintain and enhance the Information Security risk assessment methodology.
- Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit.
- Act as Subject Matter Expert (SME) in security technologies and provide knowledge sharing and technical assistance to other team members.
- Define security configuration standards for platforms and technologies.
- Detailed reporting on IT security initiatives, scans, incidents to SIT management and statutory reporting to MOE.
- Research new security technologies, threats and vulnerabilities and implement necessary measures such as EDR/XDR, DAM, MDM, Microsoft AIP, VMS, CASB, PAM, IAM, 2/MFA, NAC, Red Teaming.
Key Requirements:
- Degree in Computer Science, Information Technology or related disciplines.
- Minimum 8-10 years of experience in Information and Cyber Security.
- Good knowledge and experience with cloud security of Amazon Web Services (AWS), Microsoft Azure and SaaS solutions, security standards and frameworks like NIST, ISO27001, MTCS, CSA Security-by-Design (SBD) and Personal Data Protection Act (PDPA) is essential; familiarity with Government IM and PCI-DSS is desirable.
- Other relevant certifications such as CISSP/CISA/CISM, CREST, CEH, CHFI would be advantageous.
- Demonstrated leadership and adaptability, with willingness to readily and voluntarily take ownership of highly challenging tasks and problems, even beyond initial scope of responsibility.
- Ability to handle multiple tasks concurrently and meet deadlines, while maintaining focus despite conflicting demands.
Posted:
21/03/2024