Senior Information Technology Security Officer

Senior Information Technology Security Officer Senior Information Technology Security Officer

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Avensys Consulting

Avensys is a reputed global IT professional services company headquartered in Singapore. Our service spectrum includes enterprise solution consulting, business intelligence, business process automation and managed services. Given our decade of success we have evolved to become one of the top trusted providers in Singapore and service a client base across banking and financial services, insurance, information technology, healthcare, retail, and supply chain.

We are currently looking to hire Cloud ITSO. This is an exciting opportunity to expand your skill set, achieve job satisfaction and work-life balance. More details as below.

Job Description – IT Security Officer

You will be part of a team of highly motivated individuals in the IT Governance Team. You should have proven track records in areas of Stakeholder Management, IT Service Management, Cybersecurity Incident Management, IT Security Management, and IT Security Compliance & QA Management. You should also be familiar with relevant IT Infrastructure domains.

If you thrive on being part of IT Services delivery and on transforming the clients' operation, then this is the position for you. Your 'hands-on' knowledge, vast exposure and wealth of experience either in vendor and/or user environments, coupled with a driven and self-motivated personality, will ensure your success.

Responsibilities

You will be performing the following scope of work for the IT Security systems and devices for a key client.

1. IT Service Management

2. Cybersecurity Incident Management

3. IT Security Management

4. IT Security Compliance & QA Management

6. Security Operation and Monitoring tool Management

The following are the activities in each scope of work:

Service Management

• Monitor and report on the SLA/KPI of the in-scope systems, grouped under the System Family, to the client

• Liaise and work directly with client (stakeholders, Ops Managers and/or Contractors) for purpose of project delivery and maintenance support.

• Monitor and update client on operation concern and/or compliance matters and propose resolution.

• Provide monthly summary and/or progress report on systems health, statuses, risk status and status of CR/SR and System Problem.

• Conduct and/or participate in management update meetings - Operations, Audit and Management Meeting.

• Review reports from Operations & Support (O&S) project teams within the System Family .

• Provide support to O&S Project teams during Audit, DR/BCP, Backup & Recovery exercise.

• Propose continuous improvement initiatives with recommendations to strengthen IT governance & compliance, increase efficiency on work quality and processes.

• Prepare Management plan and submit compilation to the Client annually

IT Configuration Management

• Periodically review IT asset inventory (hardware, software, network equipment, network attached equipment and end-points) records maintained and updated by Client appointed Asset Officer.

• Maintain oversight and review the Obsolescence at System Family Level.

• Prepare and submit report to Client

• Lead investigation and resolution of Security incident

• Conduct root cause analysis and recommend improvement solution for recurrent incident to Client.

IT Security Management

• Schedule security scan for identified systems according to policies and verify all vulnerability rectifications are satisfactorily performed.

• Conduct Security Review on System Access and administration patterns weekly, and report unusual or suspicious activities, if any, to client.

• Track, mitigate and deploy patch security vulnerabilities accordingly to the stipulated timeline. Maintain oversight and submit reports on monthly basis.

• Escalate and/or seek Client's acceptance and approval of assessed risks.

• Manage and administer any security monitoring tools including splunk, arcsight, EDR are addon advantage.

IT Security Compliance & QA Management

• Ensure compliance status of the Systems adheres to applicable standards, polices, directives and guidelines.

• Review weekly/monthly account review based on the requirements.

• Review weekly/monthly log review based on the requirements.

• Declare, review and report compliance status to head office annually.

• During audit exercise, work with stakeholders to provide responses and evidence to auditors or compliance related declarations.

• Provide a Rectification Plan on any gaps found.

• Provide rectification plan for issues arising from audit.

• Seek waiver on compliance whenever it is justifiable.

• Ensure all applicable standards, policies, directives, guidelines, deliverables and quality assurance records are filed and kept up to date for audit and review purposes.

• Work with Client on system enhancement required for policy changes and audit requirements.

The ideal profile should have / be:

• B.E/B.Tech or any qualified Degree in Information Systems, Computer Science or similar relevant field

• Certification in CISSP / CISA / CISM / CRISC / CGEIT for IT Security is a must

• At least 5 years of relevant experience in Cybersecurity / information systems security practice including governance, managing security policies and systems and assessing threats and vulnerabilities with at least 10 years of IT experience

• Well-versed and experienced in relevant IT Infrastructure domains will be an advantage

• Self-motivated, creative with excellent presentation, communication, negotiation and interpersonal skills including strong persuasive techniques

• Able to lead, develop and maintain respectful and trusting relationship

• Experience in leading a team is preferred

• Outstanding organizational and time management skills

• Analytical thinker and problem solver

• Attention to details

• Manage issues & risks and ensure timely escalation

• Ability to manage concurrent tasks

WHAT'S ON OFFER

You will be remunerated with an excellent base salary and entitled to attractive company benefits. Additionally, you will get the opportunity to enjoy a fun and collaborative work environment, alongside a strong career progression.

To submit your application, please apply online or email your UPDATED CV in Microsoft Word format to Your interest will be treated with strict confidentiality.

CONSULTANT DETAILS

Consultant Name: Deepa Shivakoti

EA Licence 12C5759

Privacy Statement: Data collected will be used for recruitment purposes only. Personal data provided will be used strictly in accordance with the relevant data protection law and Avensys' privacy policy.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Contract

Job function

• Job function Consulting
• Industries IT Services and IT Consulting and Computer and Network Security

Referrals increase your chances of interviewing at Avensys Consulting by 2x

Sign in to set job alerts for "Information Technology Developer" roles. Assistant Technology Consultant / Consultant Junior Business IT Consultant – Microsoft Services End User Services, Workplace Technology Engineer Technical Solutions Consultant, Sovereign Cloud Workplace Technology Engineer (End User Services) Workplace Technology Engineer (End User Services) IT Specialist (PeopleSoft Campus Solutions) - Contract IT Solutions Consultant – Digital Workplace (Singapore)

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

---