Cybersecurity Engineer developing solutions for complex security challenges protecting data and networks. Implementing next generation security solutions for government and commercial clients in hands - on roles.
AL
Hybrid Cybersecurity Consultant – Managed Agencies
Posted 5 months ago
About the role
- Cybersecurity Consultant managing IT security incidents and compliance with government agencies in Singapore. Driving security operations and training while collaborating with internal and external teams.
Responsibilities
- Support IT security incident management, responses and reporting till closure.
- Develop, review, and maintain operational SOPs and playbooks on IT security incidents management.
- Coordinate and work with both internal and external teams to investigate and resolve IT security incidents (including identifying the source of infection, impact).
- Review and submit IT security incident reports including documenting the calendar of event for the incidents.
- Recommend improvements to prevent the recurrence of the IT security incidents.
- Review, monitor and respond to security alerts and notifications and ensure that they are attended to and addressed in a timely manner.
- Coordinate and work with both internal and external teams to conduct reviews (which includes but is not limited to security reviews, assessments, tests, and remediation).
- Plan, schedule, conduct and ensure information required for the reviews are provided by the relevant teams.
- Ensure reviews conducted are supported with documentary evidence and submitted timely to the agency’s IT security team for closure.
- Provide support for audit activities and security testing (Vulnerability Assessment Scans Penetration Testing and Source Code Reviews).
- Ensure all findings and remediations are followed up within the time frames stipulated by relevant policies.
- Verify system components such as operating system, database, web servers, network devices are configured and set up according to the agency’s security standards and requirement.
- On top of monthly reporting, also includes providing and conducting IT security awareness, training and guidance to the users and vendors including recommending security practices and configurations.
- Vendor management includes evaluating vendor performance and conduct regular assessments to ensure compliance with contractual agreements and service level expectations.
Requirements
- Proven experience in IT security management with a focus on governance, risk, and compliance.
- In-depth knowledge of security governance frameworks, risk management methodologies, and compliance requirements.
- Familiar with relevant standards and regulations such as ISO 27001, GDPR, NIST, etc.
- Strong analytical and problem-solving skills with the ability to communicate complex security and compliance issues effectively.
- Experience in securing SaaS Products and cloud security is preferred
- Relevant certifications such as CISSP, CISM, CRISC, or CGEIT are a plus.
Benefits
- A wholly-owned subsidiary of GovTech.
- We promote a learning culture and encourage you to grow and learn.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Information Security Manager responsible for security governance and risk management. Engaging with technical teams for compliance with security standards and best practices.
Customer Support Coordinator delivering technical support for complex security solutions. Collaborating with internal teams and external stakeholders to resolve service incidents while ensuring high performance standards.
Security Access Control Specialist at AMERICAN SYSTEMS managing database queries, document processes, and security measures. Supporting federal government programs through effective security operations in McLean, VA.
Site Security Specialist tasked with implementing security measures for client at Richmond site. Acting as point of contact for security team and client management.
Information Security Specialist responsible for developing ISMS under ISO 27001 and guiding audits. Collaborating closely with IT and management while ensuring compliance and documentation.
Senior Threat Detection & Response Engineer at ICF developing cyber analytic capabilities for federal cybersecurity. Engage in project design and countermeasure capabilities while collaborating with key stakeholders.
Technician in Occupational Safety at Telefônica working on safety programs to prevent workplace accidents. Ensuring compliance with safety regulations in Ribeirão Preto/SP.
Cybersecurity Engineer at Mythics implementing Zero Trust security architecture for federal systems. Collaborating with senior engineers on secure data movement and vulnerability remediation.
Lead Information Security Engineer focused on phishing mitigation in Cybersecurity at Wells Fargo. Engaging in threat detection and incident response across various teams.