- Lead communication of security goals and objectives to business unit stakeholders.
- Review and establish security policies, procedures, standards and guidelines to ensure the safety of IT/ICS assets, adhering to business needs, industrial best practices and regulatory requirements.
- Develop and execute cyber risk assessments to identify security operations gaps, vulnerabilities and risks in the IT/ICS environment.
- Manage compliance with information security policies, procedures, standards and guidelines
- Assess and review security controls to ensure they are adequate in protecting our IT/ICS assets.
- Develop strategies, plans and implement endorsed treatment and measures to address security gaps.
- Recommend and drive security initiatives to fix security gaps/risks.
- Integrate security solutions and design principles to develop a robust and coherent security architecture for our IT/ICS environment.
- Develop a control plan for the security system architecture based on organizational guidelines and security principles.
- Recommend modifications to security control designs to boost the protection of IT/ICS assets
- Develop hardening guidelines for operating systems and network devices, and work with the IT/ICS team to ensure systems are hardened.
- Lead an incident response team at business unit level to respond to, remediate and resolve cyber incidents, while synchronising the responses with the organisational cyber response team.
- Lead and facilitate internal and external audits and compliance checks.
- Provide security advisory and consultancy to IT/ICS projects and tasks.
- Undertake security projects and tasks that address cyber threats and vulnerabilities.
- Familiar with the latest industry standards and regulatory requirements, and their potential impacts on IT policies, standards and procedures
QUALIFICATIONS & EXPERIENCE
- Technical know-how and experience in IT security solutions.
- Certifications such as CISA, CISM, CISSP, CCSK, CRISC, CGEIT will be an added advantage
- Knowledgeable in IT Security, Cyber Security, Cloud Security, SDLC and security/regulatory standards such as NIST, ISO 27001 Framework, Cybersecurity Act – Cybersecurity Code of Practices
- Minimum 6 years’ experience in IT Security, Compliance & Operations
- Experience in security review and risk assessment with Enterprise Architecture and ICS environment
- Security-related experience such as (but not limited to) hardening and control measures in operating systems such as Windows, Unix and Linux environments
- Experience with Industrial Control Systems (ICS) and SCADA environment will be an added advantage
PREFERRED SKILLS & CHARACTERISTICS
- Independent worker with initiative and a positive attitude, and a team player
- Good analytical skills and attention to detail
- Good verbal and written communication
This role will be based in the Hill Street Office
We regret that only shortlisted candidates will be notified.