IT Governance & Security Officer

  • Job Category
    Information Technology, Public / Civil Service
  • Contract type
    Full Time

Job Description

As a Senior Officer in ITE, your challenge is to formulate, review and implement policies and schemes in specific functional areas.


‐ Develop and review IT security and usage policies based on the Singapore Government Instruction Manual and relevant ICT security best practices
‐ Work with internal units to conduct regular reviews and audit of IT systems and applications to ensure statutory compliance
‐ Provide security guidance to other IT and business units in the risk assessment of the project implementation
‐ Liaise and support internal and external auditors to facilitate IT security audit and review
‐ Provide assistance in the investigation of security incidents by working with other government agencies
‐ Communicate security basics to the general user population including formalizing and implementing a Security Awareness program to raise user awareness and understanding of basic security concepts
‐ Develop and updating of the Business Continuity Plan and the Risk Assessment of the IT systems
‐ Work with project teams to ensure timely submission on various polls, monthly/quarterly/yearly submission requests from internal and external bodies

A. General Requirements
‐ Possess suitable academic or professional credentials in Information Technology, Computer Engineering, Computer Science or related field
‐ Familiarity with Government Tendering procedures and IT Network Security Policies would be advantageous
B. Technical Requirements
‐ Minimum 5 years of experience in the areas of IT Governance and/or IT security practices
‐ Possess relevant IT Governance, security and project management certifications. (eg COBIT, CISSP, CISM, PMP)
‐ Having a background in Information Systems or relevant disciplines an advantage
‐ Experience in developing guidelines on hardening of operating systems
‐ Experience in using common security products (RSA, Symantec)
‐ Familiar with Dynamic Application Security Testing (DAST) tool to perform automated vulnerability scanning, web application security scanner pertaining to OWASP Testing Guide
‐ Have strong analytical, communication and writing skills
‐ Diligent, resourceful and able to multitask in a dynamic work environment
‐ Meticulous in planning and tracking

Applicants may check their application status at the end of 8 weeks from the closing date of this job posting.


Closing on 24 May 2021