Share this Job
IT Security & Compliance Manager
Date: 18-Apr-2022
Location: Singapore, Singapore
Company: Singtel Group
Responsibilities:
- Develop and maintain client’s IT Security Management and Cyber Security Plan focus on Applications Systems and IT Infrastructure
- Harmonise obsolescence management efforts across Applications Systems
- Perform risk review and assessment for potential security vulnerabilities from identified activity and obsolete systems for Applications Systems and IT Infrastructure
- Conduct regular penetration testing and Static Application Security Tests
- Assess, evaluate, recommend and advice the mitigating measures to address potential security vulnerabilities
- Schedule security scan for identified systems according to policies, and verify all vulnerability rectifications are satisfactorily rectified
- Schedule mandate annual security self-attestation and independent review for Application Systems and IT Infrastructure and to submit the independent audit / review report to client
- Conduct annual mandate hardening for Application System and IT Infrastructure to ensure compliance to the client policies and directives
- Conduct Security Review on System Access and administration patterns weekly, and report unusual or suspicious activities, if any, to client and HQ Governance Management
- Track, mitigate and deploy patch security vulnerabilities accordingly to the stipulated timeline.
- Maintain oversight and submit reports on monthly basis
- Escalate and/or seek Authority’s acceptance and approval of assessed risks
- Conduct IT Security Management briefings and workshops
- Explore and propose continual improvement to the security workflow and processes to client
The ideal candidate should possess:
- Diploma / Degree in Computer Sciences, Engineering and any Sciences disciplines
- Certified Ethical Hacker (CEH) Certification
- Certified Information Systems Security Professional (CISSP)
- Hands-on experience Splunk, Tenable, BeyondTrust, HP Fortify Static Code Analyzer and Fireeye, WebInspect, BurpSuite and Tools projects in OWASP