IT Security Officer

Date: 17 Dec 2024

Location: Singapore, Singapore

Company: Singtel Group

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region. 

 

We’re searching for an IT Security Officer to be part of our diverse team of talents here at NCS!

 

If you believe in going above and beyond, want to exemplify the best, and wish to bring people and technology together like never before, then we would love to have a conversation with you!

 

Overview

The IT Security Officer supports the IT Security team in maintaining and enhancing the security posture of the client’s IT systems and networks in an outsourced environment. Under the guidance of the Senior IT Security Manager, the IT Security Officer assists in implementing security measures, conducting vulnerability management, supporting audits, validating identity, and providing security awareness training. The role also involves assisting in security advisory services, firewall rule reviews, and responding to incidents. This position ensures client systems are protected from security threats while ensuring compliance with regulatory standards.

 

What we seek to accomplish together:

Vulnerability Management

  • Assist in vulnerability scanning and assessments to identify security weaknesses within the client’s environment.
  • Help prioritize and track remediation efforts based on the severity and impact of vulnerabilities.
  • Collaborate with internal teams to ensure that identified vulnerabilities are mitigated in a timely manner.
  • Provide regular vulnerability reports and updates to the Senior IT Security Manager.

Firewall Rules Review and Management

  • Support the periodic review of firewall rules to ensure proper access control and network segmentation.
  • Work closely with network and infrastructure teams to assess and adjust firewall configurations as needed to enhance security.
  • Assist in ensuring that firewall rules comply with internal policies and regulatory requirements.

Audit Support

  • Assist in preparing for and supporting internal and external security audits.
  • Provide documentation, logs, and reports to auditors and ensure timely responses to audit requests.
  • Help track and resolve audit findings, ensuring corrective actions are implemented to meet compliance requirements.
  • Support the maintenance of audit trails for critical security events and activities.

Identity and Access Management (ID Validation)

  • Assist with user identity validation processes, ensuring proper authentication mechanisms are in place.
  • Support the enforcement of access control policies to ensure that only authorized personnel have access to sensitive data and systems.
  • Help monitor and audit user access rights, ensuring they align with role-based access controls and least privilege principles.

Security Awareness Training

  • Assist in the development and delivery of security awareness training programs for client employees and internal teams.
  • Help create educational materials to raise awareness about common cybersecurity threats (e.g., phishing, social engineering).
  • Track training progress and ensure all employees are regularly updated on security best practices.
  • Support client-facing initiatives to promote a culture of cybersecurity within the organization.

Security Advisory Support

  • Provide support for security advisory services by gathering information on emerging threats and vulnerabilities.
  • Assist the Senior IT Security Manager in providing recommendations for mitigating risks associated with new and emerging security threats.
  • Help maintain a repository of security advisories, updates, and patches, ensuring timely distribution to relevant stakeholders.

Incident Response

  • Support the investigation and response to security incidents, gathering data and providing initial analysis.
  • Help escalate security incidents and assist in documentation and resolution.
  • Participate in post-incident reviews to identify lessons learned and areas for process improvement.

Risk Management and Compliance

  • Help in conducting risk assessments to identify potential security risks and recommend mitigation strategies.
  • Assist with ensuring the client’s environment remains compliant with industry standards and regulations.
  • Contribute to the maintenance of security policies, procedures, and controls to ensure compliance and mitigate risks.

Collaboration and Communication

  • Work closely with other IT Security team members to implement and enforce security policies and practices.
  • Communicate effectively with internal teams and client stakeholders about security status, risks, and incidents.
  • Provide support in preparing reports, presentations, and security briefings for senior management and clients.

Continuous Learning and Improvement

  • Stay up-to-date on the latest trends in cybersecurity, including new tools, vulnerabilities, and attack techniques.
  • Participate in ongoing professional development to expand security knowledge and skills.
  • Assist in identifying and implementing improvements to existing security processes, policies, and tools.
     

A little bit about you:

Education:

  • Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or related field.
  • Relevant certifications such as CISM, CISA, CompTIA Security+, Certified Ethical Hacker (CEH), or equivalent are a plus.

Experience:

  • Min 2 years of experience in IT security, cybersecurity, or a related field.
  • Hands-on experience or familiarity with vulnerability scanning tools, firewall rule configurations, and identity management systems.
  • Experience or exposure to supporting security audits and compliance processes.
  • Familiarity with network security concepts, SIEM systems, and basic incident response protocols is a plus.

 

Skills and Knowledge:

  • Understanding of IT security principles and best practices.
  • Basic knowledge of security tools such as firewalls, antivirus software, IDS/IPS, and SIEM systems.
  • Familiarity with security frameworks (e.g., NIST, ISO 27001, CIS Controls).
  • Strong analytical and troubleshooting skills.
  • Good written and verbal communication skills.
  • Ability to work effectively in a team and manage tasks in a dynamic environment.

 

 

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.  

 

Together, we make the extraordinary happen 

 

Learn more about us at ncs.co and visit our LinkedIn career site. 

We handle all profiles with the highest level of confidentiality.