#SGUnitedJobs IT Security Consultant
GOVERNMENT TECHNOLOGY AGENCY
Information Technology, Public / Civil Service
- Involve in the provision of cybersecurity consulting services for large, national or Whole-of-Government projects or systems.
- Security Monitoring
- Provide support to the implementation and operations of the in-house security monitoring systems to monitor the network infrastructure and systems for security threats, work with the relevant IT team to ensure suspicious network traffic and system activities are investigated and remediated.
- Maintain an overview of all IT security alerts to ensure that actions are taken to investigate and resolved them in a timely manner.
- Work with the vendor to implement and maintain the in-house security systems to monitor the network infrastructure and systems for security threats.
- Security Consultancy
- Provide security consultancy for key ICT development projects to ensure that relevant security risks are identified, key security requirements are defined and designed into the system, implemented in accordance to the security design, and in compliance with prevailing ICT security policies and standards.
- Oversee outsourced vendors on security deliverables and the security robustness of the project.
- Work closely with stakeholders, project teams, and outsourced vendors to ensure security objectives are achieved.
- Security Assurance
- Ensure ICT infrastructure and systems are implemented and operating in compliance to the prevailing ICT security policies and standards. Review and update the ICT security policies and standards to align it with the whole of government ICT security policies and changes in the business and IT environment. Involves in designing artefacts (spanning design, development, and implementation) into enterprise systems that describes security principles and how they relate to the overall Enterprise System Architecture.
- Review security architectures, designs and implementations to ensure compliance with prevailing ICT security policies and standards.
- Involve in security tests, reviews and audits, as well as reviewing the results of security tests, reviews and audits to ensure security assurance is achieved.
- Ensure that open security audit items and security vulnerabilities are closed.
- Degree in Computer Science, Computer or Electronics Engineering or Information Technology or related disciplines
- Minimum 3-5 years of IT security experience in IT security consultancy, and security monitoring (which includes experience in management, deployment and maintenance of security monitoring solution)
- Knowledge of security technologies and products (such as SIEM, Log Management and
- Analysis Tools, firewall, cryptography, vulnerability scanning tools, endpoint security), MITRE ATT&CK framework, network security, cloud security and application security.
- Knowledge of network security architecture concepts including topology, protocols, components and principles (e.g., application of Defence in-Depth).
- Understands the attacker’s perspective which includes the attack methodologies on operating systems and applications and attack phases
- Knowledge and experience in ICT security risk assessment and management
- Knowledge of security standards such as ISO/IEC 27001/2
- Knowledge and experience in the provision of ICT security consultancy services would be preferred.
- Team player with good interpersonal skills
- Possess good written, verbal and presentation skills
- Security certification such as CISSP, CISA, SSCP, Cloud Security, or related certification would be an advantage
Closing on 04 May 2021