Kindly note that Jobline will be offline for maintenance on this Friday (Jan 17, 2020) from 5 PM to Jan 18, 2019 at 7 AM.

Responsibilities

i) Manage department - Oversee department management including budgets, forecasting, work allocations and staffing - Develop staff through ongoing coaching, mentoring and career discussions - Define common goals, direction and accountability among staff - Drive effective performance management practices within department in accordance with company policies and procedures

ii) Security Consultancy and Design - Provide, advise and review security requirements, measures and standards required for systems acquisition, design, changes and upgrades, development, implementation as well as operations.

iii) Security Management - Set up and manage security systems such as firewalls, IPS, network ATP, VPN, WAF, end-point protection, certificate management system, log management system, database access monitoring, vulnerability and compliance scanners. This includes carrying out maintenance, upgrades and patching.

iv) Security Incident Management - Respond to security incidents. - Evaluate the type and severity of security events. - Set clear expectations on issue resolution. - Update stakeholders on changes in status during issue resolution. - Provide status updates during the life cycle of an incident. - Create final incident report detailing the events of the incident. - Support the maintenance and update of business recovery/contingency plans and/or procedures. - Assist with establishing procedures for handling detected security events.

v) Audit and Compliance - Single Point of Contact (SPOC) for internal/external auditors and consultants in audit/review projects. - Review audit artifacts with domain experts. - Tracking the status of audit issues till closure. - Perform internal security compliance checks on IT systems.

Requirements

  • At least 8 - 10 years’ experience in developing, implementing and maintaining IT systems.
  • Experience in leading a team.
  • Broad security knowledge of a wide spectrum of Infra systems including servers, network, workstations and security management tools.
  • Experience in operating system security, database security, network security, firewalls, SIEM, computer security Incident response, vulnerability scanning, SAP, LDAP and PKI.
  • Strong vendor, service level and project management skills.
  • Strong communications skills with stakeholders at all levels.
  • Certification in CISSP and/or CISA/CISM will be preferred.
  • Degree in IT, Computer Science, Computer Engineering or equivalent.