• Strategic planning for IT security investments and technology adoption to maximize effectiveness of IT security controls against rapidly evolving threats
• Develop and maintain common standards, methodologies and best practices for security management to ensure IT systems are designed with due considerations for security
• Provide consultancy and advice on IT security architecture and design considerations to IT project teams
• Lead in the design and implementation of IT security platforms and their associated software which may include access control solutions, identity and access management platforms, data protection technologies, anti-malware, vulnerability management, security monitoring and compliance tools
• Perform security review of IT system
• Ensure security best practices and compliance standards are implemented on IT system
• Liaise with internal and external stakeholders on cyber security issues to keep everyone abreast of expectations, project/issue status and completion
• Track and analyse IT security metrics for optimal effectiveness and benchmarking
• 8 or more years of working experience in IT Security
• Relevant certifications in networking or cyber security, e.g. CISSP, CISM, CISA, CRSIS preferred
• Experience with DevSecOps methodologies and processes preferred
• Experience in security architecture of cloud native applications preferred
• Experience in providing security advisory and consultancy on application and services, including the design, development, implementation and/or management of the system
• Understanding of CI/CD tools
• Experience with security tools and technologies, such as Security Information and Events Management, Data Loss Prevention, Database Activity Monitoring, Data Security and Protection,
