全职 ITSM 工作, 薪水 up to SGD 10,000, Enggsol Pte Ltd 公司招聘中 - Ricebowl

You will:

1. Cyber Vigilance:

  - Monitor and analyze security event logs to identify potential security incidents.

  - Respond to security incidents in a timely and effective manner, ensuring minimal disruption to business operations.

2. Risk Management:

  - Conduct risk assessments and vulnerability management to identify potential security threats.

  - Develop and implement mitigation strategies to minimize risk.

3. Compliance and Governance:

  - Ensure compliance with IT security policies, regulations, and standard e.g IM8 , PDPA.

  - Develop and maintain security policies, procedures, and guidelines.

4. Incident Response:

  - Develop and maintain incident response plans and procedures.

  - Coordinate incident response efforts with stakeholders, including IT teams and management.

5. Security Awareness and Training:

  - Promote security awareness and training programs for employees.

  - Develop and deliver security training sessions to enhance employee knowledge and skills.

Requirements

1, Minimum 5 -7 years of IT experience in cybersecurity management, with a focus on incident response, vulnerability management, with governance risk and compliance.

2. Hands-on experience with security technologies, either one of the following

- Application Security

 - Open Web Application Security

- Penetration Testing

- Vulnerability management systems (e.g., Tenable, Nessus)

 - Security information and event management (SIEM) systems

 - Identity and access management (IAM/PAM/MFA) systems

3. Industry-recognized certifications, must have at least one of :

   - CISSP

   - CISM

   - GIAC/CISA

   - CEH, or any other professional security certification will have an added advantage

4. Strong analytical and problem-solving skills, with the ability to analyze complex security issues and develop effective solutions.

5. Excellent communication and interpersonal skills, with the ability to communicate technical information to non-technical stakeholders.

Prefer to Have:

1. Experience with cloud security, including AWS or Azure or GCP

2. Knowledge of federal information security regulations, such as FISMA or FIPS.

3. Experience and knowledgeable in security frameworks, such as ISO 27001, Zero Trust framework , NIST Cybersecurity Framework , CIS hardening etc.