IT Security Officer

Job Description

As an IT specialist, you will be responsible for implementing and maintaining security controls at key IT systems and processes to secure the IT environment

Role

• Work with management and IT on continuous assessment of IT governance and risk management, identify gaps and drive action plans to address them
• Closely track risk findings, action plans, and residual risks. Ensure that residual risks are signed off by appropriate authorities
• Maintain and provide advisory support for IT Security policies and standards, and ensure alignment with regulatory requirements
• Assess risks from deviations to policies and standards, and provide advisory and follow-up to help IT and business achieve compliance
• Plan and conduct IT Security training and awareness sessions for staff, senior management, the Board, and customers
• Conduct phishing exercises, improve risk awareness and foster a strong IT security culture among staff
• Implement and maintain IT Information Asset inventory, and ensure that the inventory is updated
• Lead and conduct cyber incident scenario planning and tabletop exercises
• Provide regular risk reporting, such as Key Risk Indicator (KRI) reporting, audit point tracking, and security incident learning point tracking
• Manage and monitor IT security systems and draw insights to improve the protection of data, systems, and networks
• Conduct vulnerability scanning and coordinate penetration testing of on-premise and cloud workloads
• Lead IT security initiatives to strengthen IT security posture
• Ensure that data and infrastructure are protected by enabling security controls, hardening relevant systems and implementing appropriate monitoring
• Maintain IT outsourcing register and contract. Conduct Third Party Risk Management and conduct periodic Third-Party risk assessment and due diligence checks on vendors

Qualifications

• Fresh graduates with relevant skill sets or internship experience may apply. 2-3 years of working experience in IT security domains such as governance, risk and compliance, Business Continuity Management or in IT operations preferred.
• Strong interpersonal and communication skills are a must
• Team player and ability to work independently when the need arises
• Strong organization skills and keen attention to details
• Industry/cloud certifications (e.g. CISM, CISSP, AWS certifications) and understanding of relevant IT controls framework (e.g. CIS, ISO, ITIL, Cyber Security Framework) would be a bonus

If you are interested in this position, please click "Apply Now" and we will review your qualifications & reach out to you for further discussion & next steps.

Only shortlisted candidates will be responded to, therefore if you do not receive a response within 14 days please accept this as notification that you have not been shortlisted.

EA Licence No: 11C5502
Registration No: R1876903