Senior Security Engineer

Qualifications 9+ Years of Experience is required Relevant certifications in identity and access management (such as CISSP, CISM, CISA, CGEIT, or vendor-specific certifications) would be advantageous. Professional audit certifications such as CIA (Certified Internal Auditor) or CISA (Certified Information Systems Auditor) would be highly beneficial. Experience with automation tools and scripting to improve operational efficiency would be beneficial. Knowledge of Singapore Government security standards and compliance frameworks would be an added advantage. Familiarity with GRC (Governance, Risk, and Compliance) platforms and audit management systems would be preferred. Technical Experience Proven experience in Identity and Access Management, with particular expertise in user access reviews and privileged access management systems such as CyberArk. Hands-on experience with enterprise identity management platforms and access governance tools. Strong understanding of identity governance principles, including role-based access control (RBAC), segregation of duties, and principle of least privilege. Experience with identity management lifecycle processes including provisioning, de-provisioning, and access certification. IAM Audit and Assessment Skills Demonstrated experience in conducting IAM audits and access assessments across complex enterprise environments. Proficiency in audit methodologies and frameworks specific to identity and access management, including COBIT, COSO, and ITIL. Strong analytical skills with ability to identify patterns, anomalies, and potential security risks through data analysis and system reviews. Experience with audit tools and technologies for automated access analysis, reporting, and compliance monitoring. Knowledge of forensic analysis techniques for investigating access-related security incidents and policy violations. Ability to develop and execute comprehensive audit programmes covering all aspects of identity lifecycle management. Process Management Skills Demonstrated ability to manage complex, multi-stakeholder processes with high attention to detail and accuracy. Experience in coordinating with diverse stakeholder groups to achieve compliance and operational objectives within tight timeframes. Strong project management skills with ability to handle multiple concurrent initiatives whilst maintaining quality standards. Experience in process documentation, improvement, and standardisation activities. Compliance and Risk Management Knowledge of regulatory compliance requirements related to access management and data protection, including GDPR, SOX, and industry-specific regulations. Understanding of risk assessment methodologies and ability to identify and mitigate identity-related security risks. Experience supporting audit activities and maintaining comprehensive audit trails for access management activities. Knowledge of compliance frameworks and standards such as ISO 27001, NIST Cybersecurity Framework, and COBIT. Documentation and Reporting Strong technical writing skills with ability to produce clear, comprehensive audit reports and compliance documentation. Experience in creating executive-level reporting and dashboards for IAM metrics and compliance status. Ability to translate complex technical findings into business impact assessments and actionable recommendations. Proficiency in data visualisation tools and techniques for presenting audit findings and compliance metrics. Communication and Stakeholder Management Excellent interpersonal and communication skills with ability to work effectively with stakeholders at all organisational levels. Strong problem-solving abilities with experience in exception handling and issue resolution. Ability to translate technical concepts into business language for non-technical stakeholders. Experience in managing audit relationships and coordinating with external auditors and regulatory bodies. #J-18808-Ljbffr