Information security officer Permanent

Contract type:
Permanent

Location:
Singapore

Industry:
Security

REF:
37805

Contact name:
Danica Pagsisihan

Contact email:

Job published:
about 9 hours ago

Key Words: Information Security, Vendor Management, Endpoint Protection, SIEM, CASB, Perimeter Security, Security Policies and Standards
Role: Information Security Officer
Industry: Information Security, Information Technology
Location: Singapore

About Our Client

Our client is an innovative ad and marketing global organisation creating and executing disruptive ideas that allow brand/s and products to gain a greater part of the future.

About the Information Security Officer

This role will be managing and enhancing the overall security posture of the organisation’s business and services. The preferred candidate possesses excellent written and verbal communication skills and can interface well with people with various technical and non-technical backgrounds. Strong physical and information security skills and be able to formulate plans and see them through the entire lifecycle. A proven track record of managing security in operation programs, strategic services, and projects to minimize the risk of exposure to the business.

The candidate also understands that supporting people everywhere is one of the most critical roles that they must perform, and this means that they must be open and approachable and have a focus on action. They are results-oriented with strong focus on delivery. They can work independently and collaboratively with diverse global teams. This role also requires a professional with technical mindset. Hands-on experience in security systems such as network and access control are preferred.

About You

Please note: Interested Applicants must be able to work in Singapore.

Extensive experience with managing enterprise level security or experience in a related role with increasing scope, responsibility, and complexity at a multinational organisation

Bachelor’s degree (BA or BS) Management Information Systems, Information Security, Information Technology, or any related field of study.

CISA, CISM, CRISC, CCSP certifications are an advantage.

Ability to cultivate relationships and act as a consultant to varied stakeholders including cross-functional / peer relationships with diverse, global teams.

Experience in project management and corporate security environment for a global company in areas such as policy creation, training or awareness, cybersecurity, physical security controls, etc.

Technical audit experience such as PCI-DSS, NIST, OWASP, ISO27001, SOX, penetration testing, etc., and ability to assess complex systems.

Awareness of global data protection standards, privacy laws, and regulations, and risk management methodologies.

Good understanding of security, administration, design, and implementation of operating systems and network security controls for both physical hardware and cloud-based SAAS / cloud-hosted solutions.

Strong interest in and understanding of infrastructure security concepts, cloud-based architecture, security controls and technologies, industry best practices, access controls, forensics, and metrics

Advanced understanding of Microsoft 365.

Key Responsibilities

Build relationships with different stakeholders in the business.

Conduct information security audits for vendors and software tools.

Take part in implementation and management of the company’s security platforms such as endpoint protection/security, encryption, SIEM, CASB, perimeter controls/security and more.

Build suitable plans to proactively mitigate potential security risks.

Work with different teams internally to identify and reduce weaknesses on a continuous basis.

Support in developing, maintaining, and enforcing information security policies, standards, and procedures including incident investigations.

Take part in training or awareness programs throughout the company to ensure all permanent and contracted staff are aware of policies, common risks, and how to identify and respond to potential security incidents.

Evaluate and redesign existing workflows to create operational efficiencies.

Keep abreast with emerging security trends, risks, new guidance, or standards (internal and external), and security-enhancing technologies.

If you are interested to learn more about the above job role or any other job opportunities, please apply to this job advertisement or alternatively contact the following consultant:
Danica Pagsisihan