Consultant, IT Security (ITSO)

Singapore, Singapore
Permanent contract, Full-time


  • Ensure compliance with the customer's security policies and processes, e.g. the government IM8 security policy
  • Monitor and track security advisory assessment and recommendation
  • Develop and maintain security hardening standards and policies
  • Perform routine compliance checks from a security perspective and remediate non-compliance.
  • Review and develop information security policies, standards, processes, procedures and guidelines in accordance with cybersecurity best practices
  • Administer compliance with these policies and procedures through ongoing security reviews, audits and assessments.
  • Conduct security risk assessment, business impact analysis and develop security risk treatment plan.
  • Collaborate with stakeholders on risk management, mitigation and remediation measures.
  • Collaborate with Technical Leads on security testing.
  • Develop the security awareness training program to foster a secure culture and improve security awareness and compliance.
  • Partner with internal and external audit teams to manage audits and move them from a compliance and point-in-time perspective to a risk-driven, continuous, proactive compliance approach.
  • Act as point of contact to assist and advise on ICT security-related matters.
  • Create security metrics to communicate security posture and risks to management.

The ideal candidate should have:

  • Degree/Diploma or higher in Computer Science, Information Systems or equivalent
  • At least one security certification (preferred), such as CISM, CRISC, CISA or CISSP
  • At least 2-5 years of experience in cyber/IT Risk Management, Governance or Compliance.
  • Understanding of control and risk management concepts, including control testing, risk assessments, risk treatment and third-party risk.
  • Knowledge of risk management policies, methods, standards, processes, governance models, and both quantitative and qualitative risk analysis approaches.
  • Knowledge of common information security management frameworks, such as ISO 27001-5, COBIT and NIST, including 800-53 and the Cybersecurity Framework.

NCS logo