Please note: Interested applicants must ideally be Singaporean or PR.
About Our Client
Our client is a financial investment company with an extensive global reach and solid and diverse investment portfolio. They are rapidly growing through strategic plans and scaling up their successes in following their investment analytics and long term returns.
About the IT Security Lead role:
Leading a team and driving IT Security and Technology Risk management initiatives, you will report to the section head. Through close collaboration together with the business and IT teams, your goal is to safeguard the company.
Key functions of the IT Security Lead
- Lead IT Security projects and resolve new/complex problems which may impact security posturing
- Provide IT Security advisory to both IT and business users, including outsourcing arrangements
- Provide guidance and advisory to address security findings from code reviews, vulnerability assessments and penetration testing.
- Secure coding best practices and development activities.
- Review change requirements for existing applications, identify risks, and recommend security solution before moving to production.
- Exercise risk-based judgement, and to push teams to make the right security decisions and priorities
- Continuously improve IT Security services delivered by 3rd parties to meet evolving threats which includes:
- Perimeter Defence
- Network Segmentation
- Identity & Access Management
- Application Security
- End Point Security
- Patch & Configuration Management
- Log & Event Monitoring
- Penetration Testing
- Vulnerability Scanning
- As and when necessary, train and develop IT Security knowledge to junior team members.
- A good Degree in Information Technology / Engineering / Computer Science.
- Certified Information Systems Professional (CISSP) or equivalent
- Certified Ethical Hacker (CEH) or equivalent
- Experience with industry compliance, security standards and/or frameworks such as PCI-DSS, ISO 27001, NIST
- Understanding of local government regulations such as MAS, PDPA, etc
- Knowledgeable of:
- API security experience
- Cloud security concepts and technologies
- Dynamic code analysis
- Mobile application
- Penetration testing
- Secure code reviews
- Secure static code analysis
- Threat modelling tools
- Web server design
Experience with the following technologies will be an added advantage:
- AGILE or SCRUM
- Scripting and programming
If you are interested to learn more about the above job role or any other job opportunities, please apply to this job advertisement or alternatively contact the following consultant:
+65 6589 8787
SearchElect Pte. Ltd. adheres to the Singapore Ministry of Manpower Tripartite guidelines on Non-Discriminatory Job Advertisements which you can find more information about HERE. If you feel any part of this job advertisement is discriminatory please immediately raise to our attention via email@example.com. We take these matters seriously and thank you for your cooperation.