IT Security Specialist

**About Us**
The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based decision making in developing better housing policies service, improving service delivery and optimising operations.

**What Will You Do?**
- ICT Security Governance:
Develop and implement enterprise-wide ICT security programmes as follows:
i. Establish the cybersecurity governance structure for HDB to ensure that the security posture is robust, resilient, and pragmatic

ii. Enhance and update the IT security policy, standards, procedures so that they are always current against the evolving cyber security landscape

iii. Manage the compliance with the GovTech ICT/SS Security Policies, Initiatives, Measures and the relevant Government Instruction Manual to further strengthen the WOG and HDB ICT security posture.

iv. Establish the governance and administer the Third-Party Management Policy and Procedure
- Cybersecurity Awareness Outreach

Manage and implement Cybersecurity Awareness Framework to promote IT security awareness and outreach programme as follows:
i. Raise HDB management and staff’s security awareness and appreciation of ICT Security to ensure HDB’s information assets are protected.

ii. Create good staff cyber security hygiene through regular ICT Security outreach programme such as annual ICT Security Awareness Talk, security advisories, conduct of Phishing exercise, road show.

iii. Keep abreast of key technology and skillset in the industry to maintain ICT Security personnel skills development.

iv. Identify various channels for the conduct of the security program such as cyber range exercises, technical certification, gamification.
- Identity & Access Management

To establish procedures and standards for the Identity and Access management in HDB as follows:
i. To administer and manage the user accounts and privileged access, so as to safeguard the confidentiality of ICT assets and systems in HDB.

k. Digital Certificate Management
- Quality Audit and Security Reviews

a. To serve as an independent party to perform quality auditing and report to Management on the observations and recommendations.

You are also to:

- keep abreast of the latest industry ICT security practices and technologies as well as emerging threats and vulnerabilities and recommend appropriate controls for implementation to improve the enterprise security posture.
- lead and/or participate in the adoption of new technological advances and best practices in infrastructure security systems to mitigate security risks

**You will be a Great Fit if you**:
You should possess a strong background in ICT Security, Information Security, Information Technology, Computer Science, Engineering (Computing/Telecommunication), Cybersecurity and/or Digital Forensic or equivalent.
At least 1 years of direct and relevant full-time ICT security work experience
Preferably possess one or more appropriate IT security certifications, such as CISSP, CRISC, CISM, CISA, CEH, etc
Preferably with strong knowledge and experience in information and cybersecurity risks, controls, vulnerability assessment/penetration testing, compliance, and industry IT/cyber security best-practices.

**Good to Have**:

- Domain knowledge of access control; telecommunications and network security; cloud security; Cybersecurity & information security governance and risk management; software development security; cryptography; security architecture and design; operations security; security incident response and management; business continuity and disaster recovery planning; legal regulations, investigations, and compliance; physical (environmental) security
- Knowledge in IT security principles and IT controls as well as industry best practices and frameworks pertaining to IT Controls (IM8, COBIT, ISO27001/2 etc.)
- Good understanding of the current IT/Cyber Security landscape
- to work beyond business hours including weekend when necessary
- possess good interpersonal and communication skills
- demonstrate a strong sense of urgency and have good troubleshooting and problem-solving skills with good attention to detail
- have good command of written and oral English