Lead System Security Consultant
Salary: $8000- $10000
Location: Commonwealth
Working hours: Monday – Friday, 9am – 6pm
Responsibilities:
- Conduct gap analysis of existing on-prem data centre and cloud infrastructures, identifying and assessing gaps in the overall security posture.
- Conduct comprehensive risk assessments to identify and mitigate security risks associated with information systems and processes.
- Lead and coordinate system security acceptance testing to ensure that all security requirements are met before systems are deployed.
- Collaborate with development and engineering teams to integrate security-by-design principles into the SDLC.
- Develop and maintain security policies, standards, and guidelines to ensure compliance with industry standards and regulatory requirements.
- Provide expert advice on security architecture and design, ensuring robust protection mechanisms are implemented.
- Manage vulnerability assessments and penetration testing to identify and address security weaknesses.
- Develop and deliver security training and awareness programs for employees and stakeholders.
- Stay current with emerging security threats, technologies, and trends, and provide recommendations for continuous improvement.
- Assist in the development and implementation of incident response plans and participate in security incident investigations as needed.
- Prepare detailed reports and documentation for management, highlighting security risks, mitigation strategies, and compliance status.
Requirements:
- At least 5 years of experience in information security, with a focus on risk assessment, system security acceptance testing, and security-by-design.
- Professional certifications such as CISSP, CISM, or GSEC.
- In-depth knowledge of security frameworks and standards such as ISO 27001, NIST, CIS Controls, and Cybersecurity Act of 2018.
- Proven experience in system security acceptance testing and validating security controls.
- Expertise in integrating security-by-design principles into the SDLC.
- Familiarity with security tools and technologies such as SIEM, IDS/IPS, Firewalls, Endpoint Protection and Wazuh.
- Strong in technological architectures (infrastructure / application), both in on-premises data centres and cloud infrastructures.
- Experience with cloud security and working with cloud service providers such as AWS, Azure, or Google Cloud.
- Knowledge of regulatory requirements and standards relevant to the industry (e.g., PCI-DSS, HIPAA).
If you do not possess the above experience, your application will still be considered on individual merits and you may be contacted for other opportunities.
By submitting your personal data and/or resume, you give consent to the collection, use, and disclosure of your personal data and/or resume by the company (or its agent) for the purpose of the processing and administration by the company relating to this job application.
Please be notified that only shortlisted candidates will be notified.
EA Personnel.: Chan Jun Wei
EA Registered no.: R1543992
Recruit Now Singapore Pte Ltd
EA License no.: 21C0845