IT Security Manager - Singapore - Morgan McKinley

Morgan McKinley

Verified Company

Singapore

2 weeks ago

Posted by:

Wei Jie

beBee Recruiter

Job Description - IT Security Assistant Manager / Deputy Manager / Manager

Responsibilities

Tracking and monitoring of security vulnerabilities and working with the team to plan for remediation or implementing controls to mitigate them
Review security testing reports (e.g. vulnerability assessment, penetration testing and secure code review)
Perform threat intelligence and gather publicly available information to identify indicators of cyber security attacks
Support in defining and managing of cyber security policies, standards and guidelines in support of legal and regulatory compliance needs
Create and disseminate security advisories, conduct security awareness programs for organisation and regional subsidiaries
Assist business in performing business impact analysis and maintain cybersecurity risk register
Support vendor duediligence process and help to lead and define overall thirdparty risk management efforts
Ensure the development of business continuity plans, incident response plan and disaster recovery procedures for the systems managed under security operations program
Front and chair local Incident Management Team calls and keep senior management, stakeholders and external regulators updated on the progress of cyber incident management
Identify and manage potential and actual operational issues within the incident detection/response domain and take corrective action and reporting whenever required
Support both internal audit and external audits

Key Competencies

Passionate about security and maintain uptodate knowledge of available and emerging security threats and various security technologies
Experience and knowledge in local and international standards such as
MAS TRM, MAS Operational Risk Management guidelines, MAS management of third party arrangements guidelines, ISO 27001, NIST SP 800 series etc

will be advantageous:
-
Hands-on experience with Qradar and Imperva:

Strong understanding of the cyber-attack vectors and the ability to articulate the cyber kill chain and relevant controls to prevent and detect attacks
Experience in managing security solutions such as Enterprise Antimalware Solution, Security Assessment Tools, 2FA, DLP or other similar security technology stack
Solid understanding of Risk Management principles
Ability to work with distributed teams to operate real time awareness of security posture and baseline

EA Licence No: 11C5502

Registration No:
R1876903