Responsibilities
Keep abreast of Information/Cyber Security development and trends and work with industry to evaluate potential security offerings, including product evaluations, proof of concept and pilots
Plan, lead and implement new Information Security initiatives within company
Conduct security review, IT security risk assessment and maturity model assessment for Infocomm Infrastructure
Conduct Policy Compliance Self-Assessment
Perform the role of Project Security Risk Assessment (PSRA) from the project onset till system commission
Provide consultancy/advisory in areas of Information/Cyber Security
Review system design, network design and application architecture design from IT security perspective and provide recommendations/mitigating measures
Be the Audit Liaison officer to all IT Audits
Administer Security products RSA Archer and DLP solutions
Manage the IT Risk Register and work with relevant teams to assess and monitor all IT risk/non-compliance items till closure
Requirements:
Minimum 5 years' relevant IT working experience in areas of IT Risk, Governance or Information/Cyber security
Good knowledge of industry best practices and frameworks pertaining to IT Controls (IM8, MAS TRM Guideline, COBIT, ISO27001/2 etc)
Possess in-depth hands-on experience in one or more of the following areas: Infrastructure, Database, Network, Application or Mainframe
Preferably has experience in IT Risk management or Secure Software Development Architecture
Preferably possess one or more appropriate IT security certifications, such as CISSP, CRISC, CISM, CISA, CEH, etc
Octavius, Whei Jie Yong EA License No.: 02C3423 Personnel Registration No.: R1110096