Reporting to the Head of Cyber and Governance, you will collaborate with a team of IT professionals across both Infra and Apps to drive digital transformation by securing IT infrastructure and applications for one of the NTUC Social Enterprises to meet the learning needs of Singapore's community.
You will get to do hands-on management on our daily security operations related to our enterprise security solutions such as Antivirus, Phishing and Training Platform, Privileged Access Management (PAM), etc.
In addition, you will also need to track and manage daily cyber incident tickets such as reporting of potential cyber incidents, investigate reporting of phishing emails, etc.
You will also get support related audits such as yearly IS Audit and Cyber Trust Mark.
• Oversee daily security operations, manage enterprise security solutions (e.g., Antivirus, PAM, phishing training platforms), and collaborate with internal IT teams and vendors for on-time solution deployment.
• Track, investigate, and resolve cyber incidents (e.g., phishing reports, security alerts).
Escalate critical issues as necessary.
• Conduct security risk assessments, formulate risk treatment plans, and support third-party risk management and vendor due diligence.
• Assist in internal and external audits, including Cyber Trust Mark and IS audits.
Ensure compliance with cybersecurity frameworks.
• Review security reports (e.g., vulnerability assessments, penetration testing), monitor vulnerabilities, and coordinate with teams on remediation efforts.
• Manage cybersecurity awareness activities, including phishing campaigns, workshops, and Business Continuity Planning (BCP) exercises.
Requirements:
• Possess a diploma / degree in Information Technology, Cyber Security or related fields
• Certifications are encouraged and demonstrate continuous learning and intake of standard methodologies applicable for this role.
Eg. CISSP/ CISM/ CISA certifications or equivalent
• Preferably 1-3 years of experience in relevant cybersecurity fields
• Experience in managing security solutions such as Tenable, Enterprise Antivirus Solution, PAM, 2FA or other similar security technology stack
• Experience in supporting Cyber Controls in Cloud Environment (e.g. AWS or Azure) is preferred
• Ability to work with distributed teams to operate, institute real time awareness of security posture and baseline
• Able to engage and manage stakeholders
• Ability to communicate complex concepts clearly across different audiences and varying levels of the organization
• Experience in Project Management will be advantageous
• Experience and knowledge in cybersecurity standards such as Cyber Trust Mark, ISO27001, NIST, etc.
will be advantageous
• Passion in contributing to a social purpose through technology
• Highly driven, willingness to learn