Responsibilities:
- Develop and maintain common standards, methodologies and best practices for security management to ensure IT systems are designed with due considerations for security
- Ensure security best practices and compliance standards are implemented on IT system
- Lead in the design and implementation of IT security platforms and their associated software which may include access control solutions, identity and access management platforms, data protection technologies, anti-malware, vulnerability management, security monitoring and compliance tools
- Liaise with internal and external stakeholders on cyber security issues to keep everyone abreast of expectations, project/issue status and completion
- Perform security review of IT system
- Provide consultancy and advice on IT security architecture and design considerations to IT project teams
- Strategic planning for IT security investments and technology adoption to maximize effectiveness of IT security controls against rapidly evolving threats
- Track and analyse IT security metrics for optimal effectiveness and benchmarking
Requirements:
- 8 or more years of working experience in IT Security
- Background in Engineering or Computer Science
- Experience in providing security advisory and consultancy on application and services, including the design, development, implementation and/or management of the system
- Experience in security architecture of cloud native applications preferred
- Experience with DevSecOps methodologies and processes preferred
- Experience with security tools and technologies, such as Security Information and Events Management, Data Loss Prevention, Database Activity Monitoring, Data Security and Protection, Privileged Access Management, File Integrity Monitoring, Web Application Firewall, Intrusion Prevent etc
- Relevant certifications in networking or cyber security, e.g. CISSP, CISM, CISA, CRSIS preferred
- Understanding of CI/CD tools