Cyber Security Consultant

Responsibilities:

The Security Configuration Management resource is responsible for establishing, maintaining, and continuously improving the organization’s IT security configuration management framework across infrastructure, platforms, applications, and endpoints. This role ensures secure-by-default baselines are defined, implemented, evaluated, and enforced, reducing the attack surface and strengthening overall cyber resilience.
The resource will collaborate closely with infrastructure teams, system owners, cybersecurity governance, and audit functions to drive compliance with internal policies, regulatory requirements, and industry frameworks such as the CIS and NIST.

Configuration Standards & Baseline Management

• Ensure secure configuration baselines are developed and maintained for servers, endpoints, databases, network devices, cloud platforms, and other IT assets.
• Align configuration standards to industry best practices (eg. CIS Benchmarks, NIST).
• Ensure baselines are updated regularly to reflect new threats, vulnerabilities, and technology changes.

Configuration Compliance & Control Enforcement

• Track and update the implementation of automated configuration compliance checks using security tools (eg. BigFix, Ansible, Automated Fixing).
• Monitor compliance posture and track drift from approved baselines.
• Identify non-compliant systems and work with product owners to remediate gaps.
• Provide metrics, dashboards, and reports for management, auditors, and regulators.

Continuous Improvement & Automation

• Identify opportunities to automate configuration enforcement and compliance workflows.
• Support DevSecOps initiatives by integrating configuration controls into CI/CD pipelines.
• Evaluate new technologies, tools, and methodologies to enhance configuration security.

Security Control Governance

• Support risk assessments to evaluate adherence to configuration requirements.
• Participate in policy reviews and contribute to security standards documentation.

Skills/Requirement:
Education & Experience

• Bachelor’s degree in Information Security, Computer Science, Engineering, or related field.
• 3–7 years of experience in security configuration management, systems hardening, or cybersecurity operations.

Technical Skills

• Strong knowledge of operating systems (Windows, Linux, Unix) and their hardening practices.
• Familiarity with CIS Benchmarks, NIST, ISO 27001, MAS TRM, or equivalent frameworks.
• Experience with configuration management tools such as:
• Microsoft Intune / SCCM
• Tanium
• Ansible, Chef, or Puppet
• Azure Policy / AWS Config
• Vulnerability scanners (Tenable, Qualys)
• Understanding of cloud platforms (Azure, AWS, GCP) and cloud security controls.

Soft Skills

• Strong analytical and problem-solving abilities.
• Excellent communication skills for cross-team collaboration.
• Ability to work independently and manage multiple priorities.
• Strong attention to detail with a focus on accuracy and quality.

Interested candidates, who wish to apply for the above position, please send in your resume [email protected] 

We regret to inform that only shortlisted candidates will be contacted

PERSOL Singapore Pte Ltd EA License No. 01C4394 EA Reg No: R24123179 (Ajay Sharma)

By sending us your personal data and curriculum vitae (CV), you are deemed to consent to PERSOL Singapore Pte Ltd and its affiliates to collect, use and disclose your personal data for the purposes set out in the Privacy Policy available at https://www.persolsingapore.com/policies. You acknowledge that you have read, understood, and agree with the Privacy Policy.