It Security Manager (Itsm)

• Singapore - Central Singapore - Singapore

• Singapore - Central Singapore - SINGAPORE

You Will:

• To be the first person and POC for all security incidents
• The ITSM shall inform the parties listed in the Technical SOP within the Expected Response Timeline of the Incident Management.
• The information to be provided shall include the incident reference number, description, date and time and the impact (including who had been affected) of the incident.
• To administer, maintain and assess the implementation of security processes.
• To develop System Owner support for acquiring and sustaining adequate resources for incident response.
• To be the corporate intermediary for coordinating communications between System Owner and incident response personnel.
• To serve as a trusted custodian of incident information for ensuring the preservation and admissibility of evidence.
• To ensure the compliance with the required IT security policies.
• To perform the logs review in all security system manager by AFM team
• To review system logs and to work with agency manager and onsite technical team on necessary actions
• To do regular policy check and review, ensure all are in line with agency requirements.
• To promote IT security awareness and responsibility.
• To participate in incident response table-top exercises, simulation and drills either conducted internally by the Contractor or as required by GovTech.

Resolution for Preventing Recurrence of Security Incidents

• For cases where workarounds are implemented, the ITSM shall identify the root causes and implement permanent resolutions according to the Problem Management process.
• To assist with management/containment/remediation/eradication of security incident
• To assist with Risk assessment

• The ITSM shall be responsible to close all IT security incidents in accordance with the Incident Management process.
• For every IT security incident, the ITSM shall submit to the Representative an incident report in draft within one (1) day and a final version within three (3) days of incident resolution, unless otherwise agreed by the Representative.
• The incident record shall be closed only when the incident report is accepted by the Representative. The Representative reserves the right to verify the details in the incident report against the associated incident record maintained by the ITSM. The incident report shall be in the format defined by the Representative.

He/She is required to participate in following audit activities performed by 3rd party auditors or internal auditors:

(a) IT Security Review (b) IT Vulnerability Assessment (c) IT Security Penetration Testing (d) IT Security Compliance Review

You Bring:

• Minimum 5 years of experience in Cyber Security Management
• Must have vulnerability management systems hands on (Tenable SC+, Nessus Manager, DLP, Insider security and Splunk )
• Must have certification :CEH, CISSP or CISA
• Preferred certifications: PMP, CISM, or other professional security certification added advantage

Preferred skills:

• Application Security
• Open Web Application Security
• Penetration Testing
• Identity Management
• Federal Information Processing Standards (Fips)
• Federal Information Security Management Act

• Singapore - Central Singapore - Singapore

• Singapore - Central Singapore - SINGAPORE