#SGUnitedJobs Senior Consultant, ICT Security
GOVERNMENT TECHNOLOGY AGENCY
Information Technology, Public / Civil Service
To enhance infocomm security capabilities in GovTech and the whole-of-government, GovTech is beefing up the CISO office team at the certain ministries to oversee infocomm security management.
What to Expect:
- To manage the ICT security governance and monitoring programme to ensure that key ICT infrastructure and systems are secured and in compliance to prevailing ICT security policies and standards. This includes:
- Security Assurance – Ensure ICT infrastructure and systems are implemented and operating in compliance to the prevailing ICT security policies and standards. Review and update the ICT security policies and standards to align it with the whole of government ICT security policies and changes in the business and IT environment. Involves in designing artefacts (spanning design, development, and implementation) into enterprise systems that describes security principles and how they relate to the overall Enterprise System Architecture.
- Security Consultancy – Provide security consultancy for key ICT development projects to ensure that key security requirements are defined and designed into the system, implemented in accordance to the security design, and in compliance with prevailing ICT security policies and standards. Security Monitoring – Oversee the implementation and operations of the in-house security monitoring systems to monitor the network infrastructure and systems for security threats, work with the relevant IT team to ensure suspicious network traffic and system activities are investigated and remediated. Maintain an overview of all IT security alerts to ensure that actions are taken to investigate and resolved them in a timely manner.
How to Succeed:
- Degree in Computer Science, Computer or Electronics Engineering or Information Technology or related disciplines
- Minimum 8 years of IT security experience in IT security management, security consultancy, and security monitoring
- At least 3-years hands-on experience in one or more of the following security areas: network design, application development, cryptography, cloud hosting design and implementation, security risk assessment and management, DevSecOps consulting, threat hunting.
- Knowledge of network security architecture concepts including topology, protocols, components and principles (e.g., application of Defence in-Depth).
- Able to articulate and validate that the security architecture maintain cybersecurity attributes (confidentiality, integrity, accountability, and assurance), addresses security requirements (e.g. authentication, authorisation etc.), security risks of a particular environment / scenario, and specifies where and how the security controls are applied to or engineered into the security design
- Relevant working experience in implementing and operating an in-house ICT security threat monitoring systems, development and implementation of ICT security policies and standards, and provision of ICT security consultancy services.
- Knowledge of security technologies and products (such as SIEM, Log Management and Analysis Tools, firewall, cryptography, vulnerability scanning tools, endpoint security), security architecture, network security, cloud security and application security.
- Singapore Citizen only
Closing on 24 May 2021