IT Security Manager

As a member of the Specialists team, you will play a crucial role in driving IT Security initiatives for Prudential Singapore. As part of this dynamic role, you will report to Head of IT Security, you will actively collaborate with cross-functional teams to develop and implement strategic security measures, ensuring alignment with Prudential’s overall business objectives while safeguarding Prudential’s digital assets.

• Works alongside Head of IT Security to ensure compliance and continuous improvement of the company Security posture
• Assess infrastructure, architectures and system designs for potential security gaps and propose controls close or mitigate those gaps
• Perform Security Assessment on IT Changes and Projects
• Articulate associated risks and propose mitigations on related source code reviews, vulnerability assessment scanners, DevSecOps scanners and pentest findings to stakeholders
• Oversee the management and remediation of identified security findings from source code reviews, vulnerability assessments scanners, DevSecOps scannerss and pentest
• Familiar and has experiences with Web Security, Mobile Security and API Security
• Familiar with MAS TRM, Cyber Hygiene Notice and related regulations
• Familiar and have hands-on experience with Cloud Technologies, CI/CD, DevOps and DevSecOps tools
• Familiar with the process and management of Bug Bounty programme
• Assist in Security Incident Management
• Assist in Cyber Risk assessments and Gap assessment
• Assist in validating security controls and enforcement of policies and standard compliance
• Assist with security related consultations
• Assist in Internal, External and Regulatory Audit
• Assist in Firewall Management
• Experience in managing or implementing Enterprise level security controls
• Experience in reading and writing code or scripts in any modern programming or scripting language (Java, Python, Typescript, etc.).
• Foster knowledge sharing culture within team and IT
• Experience in Red and Blue Teaming a bonus

Working Experience:

• 5 years or more experience working in Financial Institute /Insurance industry
• Familiar with Singapore regulatory IT security requirements, example: MAS TRM, Cyber Hygiene notice.
• Relevant certification such as Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), Microsoft Certified Azure Security Engineer Associate, or Certified Cloud Security Professional (CCSP)

Education:

• Bachelor’s Degree in IT/Computer Science/Computing or related.

Language:

• English.