As a Cybersecurity Specialist, you will be responsible for security risk assessments, cybersecurity monitoring and operations.
You will report to the Cybersecurity Manager and provide support in all aspects of cybersecurity for NTUC Health, to identify, analyze and mitigate cybersecurity risks in order to safeguard personal data, protect the organization's systems and ensure compliance with relevant regulations and standards.
Key Responsibilities:
● Primary Point of Contact, and First Responder (monitoring and responding to alerts from Managed Services)
● Perform security risk assessments, formulate and advise on a risk treatment plan
● Review security testing reports (e.g. vulnerability assessment, penetration testing and secure code review) and work with application teams for remediation
● Coordinate cybersecurity awareness activities (e.g. newsletters, trainings, phishing campaigns)
● Support cybersecurity operations using enterprise security solutions (e.g. onboarding of privileged accounts to PAM, implementing WAF for website protection, and reviewing firewall rules, etc.)
● Work closely with Infrastructure and End User Support teams to identify and address any risks and gaps in the infrastructure, endpoints, and application systems
● Collaborate with third-party vendors and contractors to ensure the security of outsourced systems and services.
● Assist the business in performing business impact analysis and maintaining a cybersecurity risk register
● Support vendor due-diligence process and help to guide overall third-party risk management efforts
Snr / Cybersecurity Specialist● Support both internal audit and external audits (e.g. ISO)
Qualifications
Qualifications and Requirements:
● Bachelor's degree in Computer Science, Information Technology, Cybersecurity or a related field.
● Minimum of 3 years of experience in Cybersecurity
● Experience with security technologies such as firewalls, intrusion detection/prevention systems, and data encryption.
● Has knowledge in security technologies such as Antivirus/Endpoint Detection and Response (EDR), Privilege Access Management (PAM), and Web Application Firewall (WAF)
● Familiarity with security assessment tools and techniques, including vulnerability scanning and penetration testing.
● Experience in vendor and project management
● Relevant professional certifications such as CISSP, CISM, or CISA are preferred.
● Excellent communication skills and the ability to explain complex technical concepts to non-technical stakeholders.
● Strong analytical and problem-solving skills
● Highly driven and willing to learn