IT Security Officer

Our client, one of Asia-Pacific’s leading organizations is looking for:
IT Security Officer

Responsibilities:

• Develop and maintain cybersecurity standards, procedures, configurations or rulesets for the systems and services based on industrial best practices and IM8 compliance. Perform risk assessments on system deviations and new project functionalities.
• Conduct system hardening checks and exercises based on CIS Benchmarks/IM8 and perform security reviews to ensure remediation of audit findings, which may include table-top or simulation exercises. 
• Monitor and respond to security Requests for Information (RFI)/alerts/incidents (e.g., Indicators-Of-Compromise (IOC) scanning, phishing, malware, and endpoint alerts), including coordination with various system or service operators, identifying potential threats and performing basic triaging prior to escalation to next level security responder and updates to stakeholders.
• Perform vulnerability assessment or system penetration test activities using automated and manual tools with recommendation for actionable remediation controls. Understand the published vulnerabilities with their respective security patches with context to the deployed system and perform risk assessment onto them.
• Monitor and notify security patches releases for the various environment (End-User computing, On-Premise Office Networking, GCC, GCC+). Involve in the security patch assessment rating based on standards like Common Vulnerability Scoring System (CVSS) as well as with the context of the deployed environment.
• Act as the primary interface for internal and external auditors. You will coordinate the Request for Information (RFI) process, ensuring that evidence is collected and provided promptly.
• Act as a bridge between technical teams and management. This includes presentation or reporting on the vulnerability scanning results, security testing results, security incident or security posture of systems and conducting security awareness training for users. 

Requirements:

• Bachelor’s degree in computer science, Information Technology, Cybersecurity, or a related field with 6 years of relevant experience.
• Experience in one or more of the following domains: Network security design, applications secure development, cryptography, secure mobility management, cloud hosting design and implementation, DevSecOps, etc.
• Experienced in working with cross-functional, multi-disciplinary teams or contractors to formulate and security policies, standards, procedures and configurations
• Possessing security certifications such as SANS GCIH, CISSP, CISM, CISA and Azure or AWS cloud service security specialty is an added advantage.
• Proficient with tools like Tenable, Nessus, and Splunk.
• Familiar with cloud security platforms (e.g., AWS Security Hub, Microsoft Defender/Sentinel for Cloud).
• Understand cybersecurity investigation processes and vulnerability assessment/penetration testing (VAPT).
• Good interpersonal and stakeholder management skills with presentation skills, and the ability to write clearly, concisely, and within context.
• Government sector experience, healthcare industry knowledge, and digital transformation background would be advantageous.

-----------------------------------------------------------------------------------------------------------------------------------

Interested applicants can also email CV at [email protected] (for faster processing, please state the exact job / position title applied “IT Security Officer”

Only shortlisted candidates will be notified.

-----------------------------------------------------------------------------------------------------------------------------------

EA License Number: 10C3636
EA Personnel Name: Jagveer Singh Arora
EA Personnel Registration Number: R22109615

By applying for this role, you have read and acknowledge the Data Privacy statement - http://www.nsearchglobal.com/data-protection-notice/