Information Security Officer - Singapore - DCS CARD CENTRE PTE. LTD.

DCS CARD CENTRE PTE. LTD.

Verified Company

Singapore

2 weeks ago

Posted by:

Wei Jie

beBee Recruiter

Description

Key Responsibilities:

First Line of Defense (1LoD), reporting to Chief Technology Officer (CTO) and working with IT team leads to identify and manage the security risks exposed to the organization.
Review and evaluate new security technologies and practices to protect the organisation in minimizing information security risks and cyberattacks.
Implement a systematic and structured Information Security Management System (ISMS) process for identification and management of information security risks.
Review, maintain, and disseminate security policies in line with risk appetite, security strategy, relevant laws (MAS TRM, MAS BCM, ABS Cloud Computing, PCI-DSS version 4, NIST Cybersecurity Framework, PDPA) and security standards (CIS), and best practices.
Implement, monitor and periodic review security controls in accordance with the organisation's security policy and business drivers.
Be the SPOC (single point of contact) for management of internal, external and regulatory audits, and security testing program (VAPT, Source Code Review, API security assessment, etc.) to validate compliance with security policies.
Monitor emerging new threats and adjust IT risk management plans and security controls as necessary.
Assess the security posture of third parties (vendor) / conduct due diligence checks.
Assess and communicate information security risks and issues to stakeholders. Identify opportunities for continuous improvement.
Custodian of the Information security awareness initiative and provision of training (policies, procedures, communication) to all staff (and vendors where appropriate) on a periodic basis.
Liaise with business, project leaders and stakeholders (e.g. Risk & Compliance) as required to provide security guidance/advisory and inputs.
Lead, manage and resolve IT security incidents and escalations timely.
Lead enterprise business continuity planning (BCP) and IT Disaster Recovery (DR) coordination
Take on other tasks where reasonably assigned by IT senior management.

Key Requirements:

Minimally 5 years of experience in Information Security role, with 2 years in a Information Security leadership role
Background in Digital systems or IT desirable
Ability to take initiative, make and evaluate decisions and deliver timely
Independent, resourceful and a teamplayer, with good analytical skills
Experience in IT/cybersecurity incident investigation and reporting
Experience with solution's and implementation of security tools such as Endpoint Detection & Response (EDR), SIEM, Data Leakage Prevention
Preferably knowledgeable of Ethical Hacking (Pentesting), Intrusion Prevention, Incident Response, Forensics, MITRE Framework and Vulnerability Assessment
Preferably experience in design and implementation of a secure infrastructure on major Cloud platform providers; have knowledge of cloud security best practices and industry security requirements
Knowledge of PCI-DSS
Professional certification (e.g. CISSP/CISM, CEH, GIAC Security Essentials (GSEC), CompTIA Security+) is a plus Qualification
Educational level should be mínimally Diploma