Itso

About the role

IT Security Officer 3 years of experience in developing, implementing, and maintaining comprehensive information security programme for enterprise environments. The candidate should possess in-depth knowledge and hands-on experience in the following core areas: (Must Have) - Information Security Governance (Core): (A) - Knowledge of information security policies, standards, and procedures - Ensuring compliance with relevant industry standards and regulations (e.g., ISO 27001, GDPR, HIPAA) - Conducting regular risk assessments and managing the organization's risk register - Threat Detection and Response (Core): (D) - Managing Security Information and Event Management (SIEM) systems - Experience with Endpoint Detection and Response (EDR) solutions - Developing and maintaining incident response plans and procedures - Vulnerability Management (Core) (E) - Conducting regular vulnerability assessments and penetration testing - Managing the patch management process across the organization - Experience with vulnerability scanning tools and remediation strategies - Compliance and Auditing (Core): (H) - Ensuring compliance with relevant industry standards and regulations - Conducting internal security audits and supporting external audits - Preparing and maintaining security-related documentation forcompliance purposes (Good to Have) - Security Architecture: (B) - Knowledge of zero-trust security models and micro segmentation - Knowledge of secure cloud architectures and cloud security best practices - Security Architecture: (C) - Managing IAM solutions - Experience with multi-factor authentication (MFA) and single sign-on(SSO) technologies - Proficient in privileged access management (PAM) strategies - Data Protection (Core): (F) - Knowledge of data loss prevention (DLP)strategies - Experience with encryption technologies for data at rest and in transit - Knowledge of data classification and handling procedures - Security Awareness and Training: (G) - Developing and delivering security awareness training programme - Creating and maintaining security documentation and guidelines for end-users - Promoting a culture of security within the organization - Third-Party Risk Management (I): - Assessing and managing security risks associated with vendors and third-party service providers - Developing and enforcing security requirements for third-party contracts - Cloud Security (Core): (J) - Understanding of cloud security principles and best practices - Experience securing multi-cloud and hybrid cloud environments - Knowledge of cloud access security brokers (CASB) and cloud security posture management (CSPM) - Application Security (Core): (K) - Familiarity with secure software development lifecycle (SDLC)practices - Experience with application security testing tools and methodologies - Knowledge of web application firewalls (WAF) and runtime application self-protection (RASP) - Operational Technology (OT) Security: (L) - Understanding of OT security principles and challenges - Experience securing industrial control systems (ICS) and SCADA environments - Emerging Technologies: (M) - Keeping abreast of emerging security technologies and threats - Evaluating and recommending new security solutions as needed Disclaimer: The company is committed to ensuring the privacy and security of your information. By submitting this form, you consent to the collection, processing, and retention of the information you provide. The data collected (which may include your contact details, educational background, work experience and skills) will be used solely for the purpose of evaluating your qualifications for the position you're applying for. Your data will be stored securely and retained for the duration necessary to fulfill our hiring process. If you are not selected for the position, your data will be kept on file for a limited period in case future opportunities arise. You have the right to access, correct, or delete your data at any time by contacting us at Quess Singapore | A Leading Staffing Services Provider in Singapore (quesscorp.sg) This is in partnership with the Employment and Employability Institute Pte Ltd ("e2i"). e2i is the empowering network for workers and employers seeking employment and employability solutions. e2i serves as a bridge between workers and employers, connecting with workers to offer job security through job-matching, career guidance and skills upgrading services, and partnering employers to address their manpower needs through recruitment, training, and job redesign solutions. e2i is a tripartite initiative of the National Trades Union Congress set up to support nation-wide manpower and skills upgrading initiatives. By applying for this role, you consent to Quesscorp Singapore's PDPA and e2i's PDPA

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at QUESSCORP SINGAPORE PTE. LTD.? Share your experience