• New role to implement all policies, procedures and team structure across security.
• Private property developer in Singapore.

Be part of a dynamic growing team that seeks to be highly visible, responsive and effective in delivering cybersecurity advisory and solutions to all business units of my client’s organisation spanning in both Singapore and the region. We plan on achieving significant growth for the IT division within the organization and believe that the best way to attain this goal is to groom our people. This position will offer opportunities to challenge and increase your technical and business acumen.

The Information Security Manager is responsible to establish and execute IT security framework and controls to improve and enhance cyber resiliency for the organization. The successful candidate will report to the Head of Infrastructure and Operations for Group IT. 

Scope of Duties and Responsibilities:

Security Standards and Guidelines

• Document, review, enforce and improve Information Security policies, standards and processes to comply with audit, statutory requirements and counter new information security threats.
• Establish standard guidelines on server hardening and firewall policies for Operations team to develop standard operating procedures.
• Establish standard guidelines on the authorization matrix on access privileges for Routers, Firewall, Active Directory and Internet Proxy to mitigate security risk where applicable.

Information Security Awareness

• Keep current with emerging security threats and vulnerabilities through attending seminars and educating from industry security leading websites
• Evaluate security aspects of new technologies and define security control requirements.
• Promote information security awareness to users through effective awareness programme.

Operations Security Support

• Implement security improvements by assessing current situation, evaluating trends and anticipating requirements.
• Identify compromised machines and report on security measures taken to address threats to Operations team.
• Conduct, support and coordinate information security incident investigations, and propose corrective and preventive measures.
• Analyse and provide security alerts/reports generated by network and applications using solutions such as Security Information and Event Management (SIEM) tools.

Security Advisory and Assessment

• Provide security advisory and solutioning on matters related to information security such as new security threats and vulnerabilities.
• Advise management on the appropriate cyber security solutions and technologies to be deployed
• Conduct security compliance reviews of IT systems, network and core application.
• Determine security violations and inefficiencies by conducting periodic audits.
• Conduct vulnerability assessments and track remediation status of identified vulnerabilities.
• Manage budget for IT security cost

Vendor Management

• Research, evaluate, recommend and test cybersecurity solutions.
• Manage cybersecurity vendors on security operations such as incidents for security threats, attack or unauthorized users.
• Manage outsourcing partner to ensure the information security controls are properly carried out.