Senior Consultant, IT Security

**Senior Consultant, IT Security**:
**Date**:22 Jul 2025

**Location**: Singapore, Singapore

**Company**:Singtel Group

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region.

As a Senior Consultant, IT Security supports the IT Security team in maintaining and enhancing the security posture of the client’s IT systems and networks in an outsourced environment. Under the guidance of the Senior IT Security Manager, the Junior IT Security Officer assists in implementing security measures, conducting vulnerability management, supporting audits, validating identity, and providing security awareness training. The role also involves assisting in security advisory services, firewall rule reviews, and responding to incidents. This position ensures client systems are protected from security threats while ensuring compliance with regulatory standards.

**What will you do?**

**Vulnerability Management**
- Assist in vulnerability scanning and assessments to identify security weaknesses within the client’s environment.
- Help prioritize and track remediation efforts based on the severity and impact of vulnerabilities.
- Collaborate with internal teams to ensure that identified vulnerabilities are mitigated in a timely manner.
- Provide regular vulnerability reports and updates to the Senior IT Security Manager.

**Firewall Rules Review and Management**
- Support the periodic review of firewall rules to ensure proper access control and network segmentation.
- Work closely with network and infrastructure teams to assess and adjust firewall configurations as needed to enhance security.
- Assist in ensuring that firewall rules comply with internal policies and regulatory requirements.

**Audit Support**
- Assist in preparing for and supporting internal and external security audits.
- Provide documentation, logs, and reports to auditors and ensure timely responses to audit requests.
- Help track and resolve audit findings, ensuring corrective actions are implemented to meet compliance requirements.
- Support the maintenance of audit trails for critical security events and activities.

**Identity and Access Management (ID Validation)**
- Assist with user identity validation processes, ensuring proper authentication mechanisms are in place.
- Support the enforcement of access control policies to ensure that only authorized personnel have access to sensitive data and systems.
- Help monitor and audit user access rights, ensuring they align with role-based access controls and least privilege principles.

**Security Awareness Training**
- Assist in the development and delivery of security awareness training programs for client employees and internal teams.
- Help create educational materials to raise awareness about common cybersecurity threats (e.g., phishing, social engineering).
- Track training progress and ensure all employees are regularly updated on security best practices.
- Support client-facing initiatives to promote a culture of cybersecurity within the organization.

**Security Advisory Support**
- Provide support for security advisory services by gathering information on emerging threats and vulnerabilities.
- Assist the Senior IT Security Manager in providing recommendations for mitigating risks associated with new and emerging security threats.
- Help maintain a repository of security advisories, updates, and patches, ensuring timely distribution to relevant stakeholders.

**Incident Response**
- Support the investigation and response to security incidents, gathering data and providing initial analysis.
- Help escalate security incidents and assist in documentation and resolution.
- Participate in post-incident reviews to identify lessons learned and areas for process improvement.

**Risk Management and Compliance**
- Help in conducting risk assessments to identify potential security risks and recommend mitigation strategies.
- Assist with ensuring the client’s environment remains compliant with industry standards and regulations.
- Contribute to the maintenance of security policies, procedures, and controls to ensure compliance and mitigate risks.

**Collaboration and Communication**
- Work closely with other IT Security team members to implement and enforce security policies and practices.
- Communicate effectively with internal teams and client stakeholders about security status, risks, and incidents.
- Provide support in preparing reports, presentations, and security briefings for senior management and clients.

**Continuous Learning and Improvement**
- Stay up-to-da