Kindly note that Jobline will be offline for maintenance on this Friday (May 14, 2021) from 5:00 PM to 9:00 PM.

Role Responsibilities:

  • Review and development of security framework, information security policies, processes / procedures, and guidelines on an ongoing basis.
  • Establish risk assessment, compliance enforcement activities with these policies / procedures through ongoing security/compliance reviews, not limited to log analysis and security assessment of customer ICT systems.
  • Conduct security risk management exercise, conduct table-top exercises, conduct vulnerability assessment, coordinate penetration tests activities, conduct information security awareness training for Line of Business Representatives.
  • Support internal projects in the matters of security risk assessment and compliance enforcement work.
  • Be the point-of-contact to assist and advise project leads for ICT security related matters.

Requirements

  • Your skills and expertise: In the area of risk assessment, compliance enforcement security and security governance: a) Years of IT/IT Security Experience: Minimum 1-4 Years (Junior), 4-7 Years (Senior) b) Work Experience: Minimum 1-4 Years (Junior), 4-7 Years (Senior)
  • Understanding of information security principles, ISO 27001 controls, Center for Internet Security (CIS) controls, Cloud Controls Matrix (CCM) controls and PCI Security Standard are referred.
  • Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit / log review), application security, security technologies (system hardening, IDS/IPS, firewall), security incident response and security assessment.
  • Internal project focused with good interpersonal skills. Team player with leadership qualities.
  • Preferred: Possess one (or more) of the following security certifications: CISSP/CISA/CISM/ISMS Lead Auditor Certification.
  • Bachelor’s Degree in Information Security, Information Assurance, Computer Science and Computer Engineering.