Responsibilities

• Keep abreast of Information/Cyber Security development and trends and work with industry to evaluate potential security offerings, including product evaluations, proof of concept and pilots

• Plan, lead and implement new Information Security initiatives within company

• Conduct security review, IT security risk assessment and maturity model assessment for Infocomm Infrastructure

• Conduct Policy Compliance Self-Assessment

• Perform the role of Project Security Risk Assessment (PSRA) from the project onset till system commission

• Provide consultancy/advisory in areas of Information/Cyber Security

• Review system design, network design and application architecture design from IT security perspective and provide recommendations/mitigating measures

• Be the Audit Liaison officer to all IT Audits

• Administer Security products RSA Archer and DLP solutions

• Manage the IT Risk Register and work with relevant teams to assess and monitor all IT risk/non-compliance items till closure

Requirements:

• Minimum 5 years' relevant IT working experience in areas of IT Risk, Governance or Information/Cyber security

• Good knowledge of industry best practices and frameworks pertaining to IT Controls (IM8, MAS TRM Guideline, COBIT, ISO27001/2 etc)

• Possess in-depth hands-on experience in one or more of the following areas: Infrastructure, Database, Network, Application or Mainframe

• Preferably has experience in IT Risk management or Secure Software Development Architecture

• Preferably possess one or more appropriate IT security certifications, such as CISSP, CRISC, CISM, CISA, CEH, etc

Octavius, Whei Jie Yong EA License No.: 02C3423 Personnel Registration No.: R1110096