The Role:
Drive the implementation of the company's cybersecurity, data protection, and privacy policies, standards and processes within the practice.
Work to continually improve the security posture of projects through proactive risk management and the establishment of a broad range of cybersecurity controls.
Provide direct support to colleagues to ensure cybersecurity is addressed throughout the engagement delivery lifecycle, from infrastructure and security tooling choices to the secure storage, processing and deletion of client data.
Act as a single point of contact and escalation for the SOC, Threat Intel and Crisis Response teams for practice-related cybersecurity incidents, ensuring timely identification, remediation and lessons learned.
Manage the security SLA governance and provide practice-level cybersecurity reporting, metrics and forecasting to leadership.
Responsible for information security, data protection, privacy, GRC, and audit requests for the practice, acting as single point of contact on relevant client security assessment and audits execution. E.g. independent third-party attestations of industry cybersecurity standards and certifications, such as ISO 27001, SOC 2 for practice-specific solutions and products.
Contribute to the definition of the client specific security baseline. Consult and advise internal and external clients about security topics and support the opportunity management process by providing subject matter expertise and support.
Help win client business by providing cybersecurity assurance to RFIs, RFPs, proposals, contract drafting, security questionnaires, workshops and other client due diligence processes.
The Requirements:
Degree or Diploma or higher in Computer Science, Information Systems or its equivalent.
At least one industry recognized security certification is, such as Certified Information Security Management (CISM), Certified Information Systems Security Professional (CISSP).
Over 5 years of experience in information security management either in domains of Cyber Security Operations, Incident Response, Forensic Investigation, Threat Intelligence or Vulnerability Management.
Good working knowledge of security risk management, security governance framework and compliance (IT Security Audit/log review).
Understanding of information security principles, ISO 27001 controls, Center for Internet Security (CIS) controls, Cloud Controls Matrix (CCM) controls.
Experience with application security, security technologies and tooling, e.g., vulnerability scanners, firewalls, network, application security, security technologies (system hardening, IDS/IPS, firewall).
Experience carrying out security incident response, penetration testing, vulnerabilities scanning, and security assessment.
Senior stakeholder management and working across various parts of the organization.
Team player with good interpersonal, influencing skills
To Apply:
Please send your latest CV in word file to [email protected]
Kindly indicate your availability, current and expected remuneration package.
We regret that only shortlisted candidates will be notified.
For more job opportunities, please visit our career page: http://quinnox-solutions.com/c...
Quinnox Solutions Pte Ltd (License Number: 06C3126)
Registered EA Personnel (Reg. No.:R1551322)
