Share this Job

IT Security & Compliance Manager

Date: 10-Sep-2022

Location: Singapore, Singapore

Company: Singtel Group


  • Develop and maintain client’s IT Security Management and Cyber Security Plan focus on Applications Systems and IT Infrastructure
  • Harmonise obsolescence management efforts across Applications Systems
  • Perform risk review and assessment for potential security vulnerabilities from identified activity and obsolete systems for Applications Systems and IT Infrastructure 
  • Conduct regular penetration testing and Static Application Security Tests
  • Assess, evaluate,  recommend and advice the mitigating measures to address potential security vulnerabilities
  • Schedule security scan for identified systems according to policies, and verify all vulnerability rectifications are satisfactorily rectified
  • Schedule mandate annual security self-attestation and independent review for Application Systems and IT Infrastructure and to submit the independent audit / review report to client
  • Conduct annual mandate hardening for Application System and IT Infrastructure to ensure compliance to the client policies and directives
  • Conduct Security Review on System Access and administration patterns weekly, and report unusual or suspicious activities, if any, to client and HQ Governance Management
  • Track, mitigate and deploy patch security vulnerabilities accordingly to the stipulated timeline.
  • Maintain oversight and submit reports on monthly basis
  • Escalate and/or seek Authority’s acceptance and approval of assessed risks
  • Conduct IT Security Management briefings and workshops
  • Explore and propose continual improvement to the security workflow and processes to client


The ideal candidate should possess:

  • Diploma / Degree in Computer Sciences, Engineering and any Sciences disciplines
  • Certified Ethical Hacker (CEH) Certification
  • Certified Information Systems Security Professional (CISSP)
  • Hands-on experience Splunk, Tenable, BeyondTrust, HP Fortify Static Code Analyzer and Fireeye, WebInspect, BurpSuite and Tools projects in OWASP