Total 1,238 it specialist job vacancies in Legal / Public / Security category in The United States of America

Position

Data Security Specialist- Data Security and Endpoint Security

Data Security Specialist is a technical Specialist role within the Data Security Services team and will be responsible for managing, administration and supporting the Data Security and Endpoint Security technologies for the bank.

Person will be the technical point of contact for the Run team and the related activities to data security and will be the last level of escalation for the Security specialists in the team. He/She is also responsible for the technical transition and validation of Security services from other regions to Singapore. He/She will be involved in projects and POC’s that may involve security services. He/She works with continuous improvement principles. He/She is equivalent to the Subject Matter Specialist on the technologies within data security.

Data Security Services team in Singapore is responsible for day-to-day operational services on the infrastructure of Europe (mainly France and UK) and Asia remotely from Singapore. France infrastructure represents approximately 80% of the worldwide production activities of CA-CIB in Singapore.

Team works in Europe time zones and this role will be aligned primarily to Paris working hours. Flexible rotations are followed based on the nature of duties.

The operational support of the team covers the following technical scope:

• Endpoint Security technologies – Anti-virus management, Host Intrusion Prevention System etc.
• Data Leak Prevention systems. - Email Prevent, Web Prevent, Endpoint Protect,
• Encryption Solutions: Disk Encryption, File and Folder encryption,
• Database Audit Monitoring solutions
• Email and Web Phishing Prevention solutions.
• Vulnerability Management

Detailed Job Responsibilities

The Specialist has a wide spectrum of responsibilities and actions. Person will be responsible for following (but not limited to) responsibilities in day-to-day work:

As the Specialist of the team, he/she:

• act as the last level of escalation for the team members
• own Incident, Problem and change management process for the team
• assigns technical tasks and manages delegation
• animates the team to encourage collaboration and sharing of practices
• participates to recruitment process for the team

As the Specialist of his/her scope of activity, he/she:

• is actively involved in incident management (fault investigation, resolution escalations of all monitoring alerts and user initiated problem calls/tickets) and request management
• Is the final technical approver for any changes into Data Security systems and is accountable for any technical changes in the environment from a RUN/BAU perspective
• Is involved in projects like End of Life, New Builds, migrations and technical upgrades of the solution managed by the team
• Participates in global Infra events (like Power down and DR Tests)
• ensures activity is performed in compliance with norms, standards, processes and procedures
• gathering required evidence using multiple forensic tools to investigate any data leak incident, conducting interrogation if required, case closure and reporting
• ensures documentation is up to date and relevant for use
• lead the continuous improvement initiatives
• responsible to drive and deliver root cause for any high severity issues
• Focus on automation and optimum use of the team to improve efficiency
• Maintain appropriate knowledge to ensure to be fully qualified to undertake the role.
• Complete all mandatory training as required to attain and maintain competence
• Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Compliance manual and Compliance policies and procedures as issued from time to time; Financial Security requirements, including, but not limited to, the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer.

Work Schedule

• Work schedule is mainly focused to support Asia and EMEA (Paris) time zone; however, may have to support during non-offce hours for critical incidents or escalation as per the assigned on-call support requirements;
• Rotational Shift schedule is followed;
• Work Hours: 2 PM – 11 PM SGT (with 1 week of General shift 9 AM – 6 PM SGT).

Qualifications and Profile

Functional

• 8 - 10 years of IT Security experience in administration and management of IT Security technologies primarily Symantec Data Loss Prevention, Symantec Endpoint Protection, Email Security, Data Classification and other endpoint & data security solutions;
• Should be a bachelors/masters/engineering graduate or equivalent technical degree in Information Technology or Computer Science;
• Knowledge of different domains of IT Security;
• Working & hands-on experience in administering the IT Security Solutions;
• Must have experience in working in similar Production setup in Run (Operations) mode;
• Ability to apply risk based approach while working on assigned responsibilities;
• Experience in defining, implementing, and enforcing enterprise-level IT security policies for endpoint and data security solutions;
• Must have working experience in managing endpoint security solution for a Large enterprise level environment, working experience in financial organization is preferred;
• Excellent in analytical, communication and documentation skills;
• Ability to organize work and be able to priories work as per the needs of Production Operation’s needs;
• Must have strong understanding of ITIL processes and comfortable working in process oriented environment;
• Ability to work independently and as well as a part of team and is able to work under minimal supervision;
• Should have time management skills and able to manage work in fast moving environment;

Technical

• Hands-on experience on Symantec Data Loss Prevention (DLP);
• Highly proficient in data leakage prevention (DLP) technologies - troubleshooting and configuration management;
• Deployment, integration and administration experience of various components of Symantec DLP:

- Symantec Endpoint Protect

- Symantec Web Prevent

- Symantec Email Prevent

- Symantec Enforce

• Must have experience in defining, designing and configuring DLP Policies as per the business requirements;
• Deploy, upgrade and troubleshooting knowledge on Symantec DLP solution;
• Scripting knowledge (Phyton, Regular Expression, Powershell) is desirable;
• Professional Certifications:

- CISSP certified is highly preferred

- Symantec Certified Specialist: Administration of Data Loss Prevention (any version) is highly preferred.

Interested applicants, please email your resume to Shaun Quek Yew Meng

Email: shaunquek@recruitexpress.com.sg

CEI Reg No: R1660732

EA Licence No: 99C4599

Responsibilities

• Manage sourcing for multiple, complex searches to find and engage key technical talents of all levels globally.
• Collaborate closely with the Recruiting team (TA Partners and Recruitment Coordinators) & hiring managers throughout the recruitment lifecycle to ensure business needs and goals are fulfilled.
• Develop a holistic business understanding and manage stakeholder relationships including HRBP, hiring managers, and external partners.
• Own and drive innovative sourcing strategies, initiate new projects and/or optimise current processes to improve recruiting process and efficiency.
• Conduct complex data analysis and share up-to-date, accurate, and value-adding market intelligence to business leaders to support business growth.
• Ensuring a great candidate experience and advocate as a great place to work for all candidates.

Qualifications

• Proven experience with research/sourcing tools (ie. Boolean, LinkedIn and other alternative sourcing techniques) to identify & engage passive candidates within the tech industry talent space.
• Excellent interpersonal skills with the ability to build rapport quickly with stakeholders and communicate effectively across all levels of the organization internally, as well as externally.
• Ability to contribute in a fast-paced work environment and prioritise multiple functions and tasks.
• At least 1 year of equivalent sourcing experience in a high-volume environment (via recruitment agencies or in-house recruiting environment).
• Proven track record in sourcing/recruiting tech roles with solid understanding of global tech talent market.
• Strong analytical and problem-solving skills with the capability to analyse high amounts of data to support business strategies and decisions.

Wipro Limited is a leading global information technology, consulting and business process services company. We harness the power of cognitive computing, hyper-automation, robotics, cloud, analytics and emerging technologies to help our clients adapt to the digital world and make them successful.

A company recognized globally for its comprehensive portfolio of services, strong commitment to sustainability and good corporate citizenship, we have over 220,000 dedicated employees serving clients across six continents. Together, we discover ideas and connect the dots to build a better and a bold new future.

IT Security Specialist - Symantec DLP

Responsibilities

• Manage the different IT Security platforms seamlessly.
• Handle first point escalation for all technical and process issues.
• Provide technical subject matter expertise wherever required.
• Ensure proper communication and quick resolution as a crisis manager.
• Plan and schedule Changes, Coordinating with different stakeholders.
• Escalate issues to the next level and management in a timely manner.
• Perform RCA for Major Incidents related to his / her tower Follow quality / security process defined for the engagement.
• Perform Trend analysis, identify top few incidents and work with respective teams/individuals to minimize the incidents, hardware/software troubleshooting.
• Participate in business meetings with various stake holders on a need basis.
• Take corrective actions based on the analysis performed or issues identified.
• Liaise with different vendors to clarify questions or to resolve issues.
• Liaise with different teams in different geographical zones.
• Work on the service improvements.
• Effort estimation/reviews on need basis for new projects.
• Train/mentor team members.
• Work on knowledge acquisition and update related documents.
• Work on projects related to endpoint security and data security.
• Adhere to different policies set out by the organization and the customer.
• Educate team members and other teams or customers on different security policies.
• Prepare and provide different reports (weekly/monthly/ad-hoc) to the lead or manager as necessary.
• Participate in rotational on-call rota for data security platforms.
• Perform changes or work on incidents during weekends as necessary.

Requirement

Primary Skills:

• Expert Knowledge on Symantec Data Loss Prevention

Secondary Skills:

• Trend Micro Deep Discovery Email Inspector (or experience in any other Sand boxing based Security solution e.g. FireEye, McAfee Advance Threat Detection, Symantec Advance Threat Protection)
  Imperva Secure sphere (Database Audit Monitoring)
• Excellent in analytical skills
• Strong people, project/task management and communication skills
• Experience in defining, implementing, and enforcing enterprise-level security policies and business processes
• Knowledge and working experience in Financial Organizations is desirable
• Knowledge & working experience in IT Security
• In-depth understanding of endpoint and data security solutions
• Symantec Certified Specialist certification is a must: - Administration of Symantec Endpoint Protection
• CISSP certification is preferred.
• Excellent written and oral English communication skills
• Knowledge of French language is preferred

Other Infomation

• Rotational Shift ( 9 Hours / Shift), Work is mainly focused on Asia and Paris time zone; however may have to support in nights and weekend as per on call requirements

We thank all applicants for your interest but regret to inform that only shortlisted candidates would be notified.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, caste, creed, religion, gender, marital status, age, ethnic and national origin, gender identity, gender expression, sexual orientation, political orientation, disability status, protected veteran status, or any other characteristic protected by law.

About Us!

The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based decision making in developing better housing policies service, improving service delivery and optimising operations.

What Will You Do?

You will be part of the Security Operations Centre (SOC) Team who will be responsible for the following areas Tier 2 SOC Analyst responsible for investigating alerts and incidents escalated by Tier 1 Analysts, Develop and enhance SOC processes and procedures, ensuring effective operations, Coordinate with stakeholders to address, follow up and resolve security alerts. Operate and maintain security monitoring tools such SIEM, EDR and SOAR. Gather and analyse Cyber intel. Conduct Threat hunting. Lead the adoption of new technological advances and best practices in cybersecurity monitoring and response.

You will be a Great Fit if you:

- Demonstrable experience and in-depth knowledge in cyber security operations, cyber intelligence gathering, incident response and investigations.

- Have strong experience in various cyber security technologies such as IDS/IPS, firewalls, SIEM, APT, email security, web security, endpoint security, malware analysis, etc

- Have experience in threat hunting / red teaming will be preferred.

- Have at least 2 years of experience as a Tier 2 analyst in a SOC.

- Have professional certifications would be added advantage: CISSP, GIAC Certified Incident Handler, EC-Council CEH and CSA, or any other relevant qualifications

Good to Have:

- High attention to detail and quality.

- Be able to work under pressure and meet deadlines.

- Must be highly reliable, trustworthy, honest, and commitment oriented.

- Strong written and verbal communication skills

- Autonomous

- Take ownership

Successful candidates will be offered a 1+1 year contract in the first instance. Conversion to perm is dependent on good performance.

Find out more about a career with HDB at www.hdb.gov.sg/cs/infoweb/about-us/careers

Please apply for the job through the Careers@Gov job portal as linked:

https://www.careers.hrp.gov.sg/sap/bc/ui5_ui5/sap/ZGERCFA004/index.html#/JobDescription/14542075/2fc68717-fd53-1ede-bce4-ab8bfed8329f

Company’s Profile
Julian Grey’s client is a solution provider for security and enterprise applications.

Responsibilities
• Plan, implement, manage, monitor, and upgrade IT security solutions.
• Support projects by delivering project deliverables and completing milestones.
• Develop and maintain technical, operational, and configuration documentation necessary for project implementation.
• Coordinate and manage vendors for product implementation and troubleshooting.
• Evaluate security products and conduct Proof of Concept (POC) to verify the effectiveness of security measures, ensuring their continued efficacy post-implementation.
• Provide technical support and incident response for IT security infrastructure components to the maintenance team.

Requirements:
• Proficient in Endpoint Security solutions, including Anti-Malware, Host Firewall, Application & Change Control, Disk Encryption, and EDR.
• Knowledgeable in Identity & Access Control solutions, such as PKI solutioning, Hardware Security Module (HSM), Privileged Access Management, 2FA, and OS Hardening Policies.
• Implement Endpoint or Identity & Access Control Security tools.
• Familiarity with various operating systems like Windows or Linux.

Follow us for more updates, interview tips!
https://www.instagram.com/juliangreygroup/
https://www.linkedin.com/company/juliangreygroup/
https://www.facebook.com/juliangreygroup/
Our telegram channel for job opportunities - https://t.me/jobopportunitiessg

Interested Applicants
Please WA Bryan Tay @ 97559161
Shortlisted Candidates will be notified

Bryan Tay Reg No. R23112463
Julian Grey Corporate Advisory Pte. Ltd.
EA License No: 19C9568

Job Description:

As the Specialist of the team, he/she:

• Act as the last level of escalation for the team members
• Own Incident, Problem and change management process for the team
• Assigns technical tasks and manages delegation animates the team to
• Encourage collaboration and sharing of practices participates to recruitment process for the team

As the Specialist of his/her scope of activity, he/she:

• Is actively involved in incident management (fault investigation, resolution escalations of all monitoring alerts and user initiated problem calls/tickets) and request management
• Is the final technical approver for any changes into Data Security systems
• Is accountable for any technical changes in the environment from a RUN/BAU perspective
• Is involved in projects like End of Life, New Builds, migrations and technical upgrades of the solution managed by the team
• Participates in global Infra events (like Power down and DR Tests) ensures activity is performed in compliance with norms, standards, processes and procedures
• Gathering required evidence using multiple forensic tools to investigate any data leak incident, conducting interrogation if required, case closure and reporting
• Ensures documentation is up to date and relevant for use lead the continuous improvement initiatives responsible to drive and deliver root cause for any high severity issues
• Focus on automation and optimum use of the team to improve efficiency
• Maintain appropriate knowledge to ensure to be fully qualified to undertake the role.
• Complete all mandatory training as required to attain and maintain competence
• Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Compliance manual and Compliance policies and procedures as issued from time to time
• Financial Security requirements, including, but not limited to, the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer.

Requirements:

• 8 - 10 years of IT Security experience in administration and management of IT Security technologies primarily Symantec Data Loss Prevention, Symantec Endpoint Protection, Email Security, Data Classification and other endpoint & data security solutions;
• Should be a bachelors/masters/engineering graduate or equivalent technical degree in Information Technology or Computer Science;
• Knowledge of different domains of IT Security;
• Working & hands-on experience in administering the IT Security Solutions;
• Must have experience in working in similar Production setup in Run (Operations) mode;
• Ability to apply risk based approach while working on assigned responsibilities;
• Experience in defining, implementing, and enforcing enterprise-level IT security policies for endpoint and data security solutions;
• Must have working experience in managing endpoint security solution for a Large enterprise level environment, working experience in financial organization is preferred;
• Excellent in analytical, communication and documentation skills;
• Ability to organize work and be able to priories work as per the needs of Production Operation’s needs;
• Must have strong understanding of ITIL processes and comfortable working in process oriented environment;
• Ability to work independently and as well as a part of team and is able to work under minimal supervision;
• Should have time management skills and able to manage work in fast moving environment;

Technical

• Hands-on experience on Symantec Data Loss Prevention (DLP);
• Highly proficient in data leakage prevention (DLP) technologies - troubleshooting and configuration management;
• Deployment, integration and administration experience of various components of Symantec DLP: Symantec Endpoint Protect Symantec Web Prevent Symantec Email Prevent Symantec Enforce
• Must have experience in defining, designing and configuring DLP Policies as per the business requirements;
• Deploy, upgrade and troubleshooting knowledge on Symantec DLP solution;
• Scripting knowledge (Phyton, Regular Expression, Powershell) is desirable;

Professional Certifications:

• CISSP certified is highly preferred Symantec Certified Specialist: Administration of Data Loss Prevention (any version) is highly preferred.
• Work schedule is mainly focused to support Asia and EMEA (Paris) time zone; however, may have to support during non-offce hours for critical incidents or escalation as per the assigned on-call support requirements;
• Rotational Shift schedule is followed;
• Work Hours: 2 PM – 11 PM SGT (with 1 week of General shift 9 AM – 6 PM SGT).

About Us!
The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based decision making in developing better housing policies service, improving service delivery and optimising operations.

What Will You Do?

We are seeking a highly skilled and motivated Cloud Security Specialist to join our dynamic team and play a pivotal role in ensuring the security, integrity, and compliance of our cloud-based systems and applications. As a Cloud Security Specialist, you will work collaboratively with cross-functional teams to design, implement, and maintain robust security measures that protect our organisation's assets and data in cloud environments.

• Cloud Security Strategy: Develop, implement, and maintain an effective cloud security strategy and architectures that adhere to best practices, industry standards, and regulatory requirements.

• Security Architecture: Collaborate with engineering teams to design and implement common cloud security architectures, ensuring principles of least privilege, zero trust, defense in depth, and security by design.

• Infrastructure Security: Implement and manage security controls for cloud infrastructure components, including networks, virtual machines, containers, and serverless services. Apply security groups, network segmentation, and encryption to safeguard data in transit and at rest.

• Identity and Access Management (IAM): Design and enforce robust IAM policies to manage user access, authentication, authorisation, and privilege escalation within cloud environments.

• Security Monitoring and Incident Response: Set up and manage continuous security monitoring, threat detection, and incident response processes for cloud environments. Respond to security incidents, perform root cause analysis, and implement preventive measures.

• Vulnerability Management: Conduct regular vulnerability assessments to identify and remediate security weaknesses. Know how to apply patches and updates in a timely manner.

• Security Compliance: Ensure and assess cloud environments adhere to relevant government ICT/SS compliance frameworks and regulations.

• Security Automation: Build and maintain security automation scripts and tools to streamline security processes such as provisioning, configuration management, and incident response.

You will be a Great Fit if you:

• Have experience (2+ years) in designing, implementing, and managing security solutions in cloud environments (AWS, Azure, Google Cloud, etc.).

• Understand cloud security principles, including network security, encryption, identity and access management, and security monitoring.

• Are proficient in security tools such as intrusion detection/prevention systems, SIEM, vulnerability scanners, network firewalls, and web application firewalls.

• Have implemented security best practices within Infrastructure-as-Code frameworks (e.g. Terraform, CloudFormation, Ansible) to ensure secure infrastructure provisioning and configuration management.

Good to Have:

• Relevant professional certifications such as Certified Cloud Security Professional (CCSP), Certified Information Systems Security Professional (CISSP), AWS Certified Security – Specialty, or equivalent.

• Proficiency in scripting or programming languages (e.g., Python, PowerShell) for security automation and orchestration.

• Experience in using containerisation technologies, such as Docker, Kubernetes, AWS ECS, and knowledge in securing containers.

• Proficiency in implementing DevSecOps and CI/CD pipelines, with experience in relevant CI technologies such as Git, Gitlab, and Jenkins. Hands-on experience with security testing tools (e.g., SAST, DAST, SCA) and vulnerability management.

Successful candidates will be offered a 1+1 year contract in the first instance. Conversion to perm is dependent on good performance.

Find out more about a career with HDB at www.hdb.gov.sg/cs/infoweb/about-us/careers

Please apply for the job through the Careers@Gov job portal as linked:

https://www.careers.hrp.gov.sg/sap/bc/ui5_ui5/sap/ZGERCFA004/index.html#/JobDescription/14542063/2fc68717-fd53-1ede-bce4-a1fb0cb9b29f

About Us!
The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based decision making in developing better housing policies service, improving service delivery and optimising operations.

What Will You Do?

• Develop, maintain, and operationalise a Threat Risk Assessment framework for HDB to identify and mitigate the threats and risks in its IT systems and programmes.

• Work with key stakeholders to ensure high cybersecurity posture of application systems through activities such as the following:
i. Promote secure coding practices.
ii. Review of Vulnerability Assessment and Penetration Testing (VAPT) Cases
iii. Facilitate remediation of vulnerabilities arising from application security testing
iv. Setup DevSecOps through CI/CD pipeline
v. Securing Cloud Workloads
vi. Procure & Maintain Security testing Tools/services to support source code review and VAPT.

• Related works include Threat Risk Assessment, project specific cybersecurity specification, cybersecurity proposals evaluation, cybersecurity design review, System Security Acceptance Test and review, Vulnerability Assessment and Penetration Test.

• Manage and promote IT security awareness and outreach programme.

• Keep abreast of the latest industry ICT security practices and technologies as well as emerging threats and vulnerabilities and recommend appropriate controls for implementation to improve the enterprise security posture.

• lead and/or participate in the adoption of new technological advances and best practices in infrastructure security systems to mitigate security risks.

You will be a Great Fit if you:

• You should possess a strong background in ICT Security, Information Security, Information Technology, Computer Science, Cybersecurity or equivalent.

• At least 2 years of experience in ICT works involving the setup, development, and management of web-based systems, with at least 2years of relevant ICT security work experience.

• Preferably possess one or more appropriate IT security certifications, such as CISSP, CRISC, CISM, CISA, CEH, etc

• Preferably with strong knowledge and experience in information and cybersecurity risks, controls, vulnerability assessment/penetration testing, compliance, and industry IT/cyber security best-practices.

Good to Have:

• Domain knowledge of access control; telecommunications and network security; cloud security; Cybersecurity & information security governance and risk management; software development security; cryptography; security architecture and design; operations security; security incident response and management; business continuity and disaster recovery planning; legal regulations, investigations, and compliance; physical (environmental) security

• Knowledge in IT security principles and IT controls as well as industry best practices and frameworks pertaining to IT Controls (IM8, COBIT, ISO27001/2 etc.)

• Good understanding of the current IT/Cyber Security landscape Great Attitude to bring the best out our team
• work beyond business hours including weekend when necessary.

• possess good interpersonal and communication skills.

• demonstrate a strong sense of urgency and have good troubleshooting and problem-solving skills with good attention to detail.

• conduct research on ICT and cybersecurity technologies where necessary to perform the assigned tasks.

• have good command of written and oral English

Successful candidates will be offered a 1+1 year contract in the first instance. Conversion to perm is dependent on good performance.

Find out more about a career with HDB at www.hdb.gov.sg/cs/infoweb/about-us/careers

Please apply for the job through the Careers@Gov job portal as linked:

https://www.careers.hrp.gov.sg/sap/bc/ui5_ui5/sap/ZGERCFA004/index.html#/JobDescription/14542118/2fc68717-fd53-1ede-bce4-ce5277e5329f

About Us!
The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based decision making in developing better housing policies service, improving service delivery and optimising operations.

What Will You Do?

· ICT Security Governance:
Develop and implement enterprise-wide ICT security programmes as follows:
i. Establish the cybersecurity governance structure for HDB to ensure that the security posture is robust, resilient, and pragmatic
ii. Enhance and update the IT security policy, standards, procedures so that they are always current against the evolving cyber security landscape
iii. Manage the compliance with the GovTech ICT/SS Security Policies, Initiatives, Measures and the relevant Government Instruction Manual to further strengthen the WOG and HDB ICT security posture.
iv. Establish the governance and administer the Third-Party Management Policy and Procedure

· Cybersecurity Awareness Outreach
Manage and implement Cybersecurity Awareness Framework to promote IT security awareness and outreach programme as follows:
i. Raise HDB management and staff’s security awareness and appreciation of ICT Security to ensure HDB’s information assets are protected.
ii. Create good staff cyber security hygiene through regular ICT Security outreach programme such as annual ICT Security Awareness Talk, security advisories, conduct of Phishing exercise, road show.
iii. Keep abreast of key technology and skillset in the industry to maintain ICT Security personnel skills development.
iv. Identify various channels for the conduct of the security program such as cyber range exercises, technical certification, gamification.

· Identity & Access Management
To establish procedures and standards for the Identity and Access management in HDB as follows:
i. To administer and manage the user accounts and privileged access, so as to safeguard the confidentiality of ICT assets and systems in HDB.
j. To maintain and manage the access controls to applications on premises and on Cloud.
k. Digital Certificate Management

· Quality Audit and Security Reviews
a. To serve as an independent party to perform quality auditing and report to Management on the observations and recommendations.
b. To conduct regular security reviews on application systems and infrastructure to ensure the HDB’s systems and infrastructure are secured and reliable.
You are also to:
· keep abreast of the latest industry ICT security practices and technologies as well as emerging threats and vulnerabilities and recommend appropriate controls for implementation to improve the enterprise security posture.
· lead and/or participate in the adoption of new technological advances and best practices in infrastructure security systems to mitigate security risks

You will be a Great Fit if you:

You should possess a strong background in ICT Security, Information Security, Information Technology, Computer Science, Engineering (Computing/Telecommunication), Cybersecurity and/or Digital Forensic or equivalent.
At least 1 years of direct and relevant full-time ICT security work experience
Preferably possess one or more appropriate IT security certifications, such as CISSP, CRISC, CISM, CISA, CEH, etc
Preferably with strong knowledge and experience in information and cybersecurity risks, controls, vulnerability assessment/penetration testing, compliance, and industry IT/cyber security best-practices.

Good to Have:

Added advantage for candidates with knowledge in any of the following:
· Domain knowledge of access control; telecommunications and network security; cloud security; Cybersecurity & information security governance and risk management; software development security; cryptography; security architecture and design; operations security; security incident response and management; business continuity and disaster recovery planning; legal regulations, investigations, and compliance; physical (environmental) security
· Knowledge in IT security principles and IT controls as well as industry best practices and frameworks pertaining to IT Controls (IM8, COBIT, ISO27001/2 etc.)
· Good understanding of the current IT/Cyber Security landscape

Candidate also need to:
· to work beyond business hours including weekend when necessary
· possess good interpersonal and communication skills
· demonstrate a strong sense of urgency and have good troubleshooting and problem-solving skills with good attention to detail
· have good command of written and oral English

Successful candidates will be offered a 1+1 year contract in the first instance. Conversion to perm is dependent on good performance.

Find out more about a career with HDB at www.hdb.gov.sg/cs/infoweb/about-us/careers

Please apply for the job through the Careers@Gov job portal as linked:

https://www.careers.hrp.gov.sg/sap/bc/ui5_ui5/sap/ZGERCFA004/index.html#/JobDescription/14542108/2fc68717-fd53-1ede-bce4-b91408ebb29f

Main Responsibilities

Person will be responsible for following responsibilities in day-to-day work:

• Focal Point of contact for Technical management of Menlo Web Isolation Platform (“Menlo”). Person will primarily be responsible for managing the Menlo setup and ensuring the service is available, functional, and up-to-date;
• Propose, plan and execute timely upgrades to ensure that the Menlo setup remains current;
• Propose, plan and deploy the various security related policies by leveraging different features available in product;
• Active coordination with product support vendors for any product related issues or bugs;
• Propose, plan and execute actions to ensure that web traffic requests for identified users are routed through Menlo solution;
• Work with end-users where there are issues reported for external website accessibility and/or functionalities;
• Ensure policy exclusions are challenged, reviewed, validated and deployed as per approved plan;
• Periodical review of policy exclusions and ensure that they are relevant to the current context;
• Collaboratively work with network and other infrastructure teams globally for related issues;
• Propose, plan and execute Service improvements initiatives in order to elevate the current state, including identifying the activities to automate, improve and fine-tune the policies
• Handling RFCs, Incidents and Problem tickets under ownerships- and manage related day-to-day operations;
• Maintaining and Reporting the various KPI indicators pertaining to the technologies under administration scope and leading the report actions;
• Vulnerability Scanning and Remediation of the technologies under management scope
• Planning the periodical Technology Upgrades- testing and implementation;
• Identify Risks under respective technology under ownership, maintain Risk Register and work towards closure of risks and issues;
• Escalate- discuss and consult- technical issues, Incidents, RFC roadmaps and Problem tickets as required to next levels and Management in timely manner;
• Provide technical subject matter expertise on the solutions under technical ownerships;
• Perform Root Cause Analysis for Major Incidents and provide report in timely manner and maintain proactive follow-ups to close the actions;
• Perform Trend analysis, identify top few incidents and work with respective teams/individuals to minimize the incidents, hardware/software troubleshooting;
• Participate in meetings with various stake holders as per the schedules;
• Liaise with different vendors to ensure product issues are resolved as per operational and functional needs;
• Liaise with different teams in different geographical zones;
• Adhere to different policies set out by the organization;
• Prepare and provide different reports (weekly/monthly/ad-hoc) as necessary for Operations;
• Perform changes or work on incidents during weekends as necessary;
• Participate in periodical Disaster Recovery and Business Continuity exercises as per the plan;
• Maintain appropriate knowledge to ensure to be fully qualified to undertake the role;
• Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Compliance manual and Compliance policies and procedures as issued from time to time; Financial Security requirements, including, but not limited to, the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer.
• To take up additional responsibilities as per Operational needs for the scope under the team.

Work Schedule

• Work schedule is mainly focused to support Asia and EMEA (Paris) time zone;
• Work Hours: 2 PM – 11 PM SGT (with 1 week of General shift 9 AM – 6 PM SGT as per rotation).
• Rotational Shift schedule is followed between general and afternoon hours;
• Candidate have to be standby to support critical issues reported outside of business hours and on weekends. This will be based on On-call Schedule roster which is pre-defined.

Qualification Requirements

• 8 -10 years of IT experience with minimum 5 years of hands-on experience in network security managing web traffic proxies or web phishing prevention/web isolation platforms e.g. Menlo Web Isolation Platform
• Should be a bachelors/masters/engineering graduate or equivalent technical degree in Information Technology or Computer Science;
• Working & hands-on experience in administering the Menlo Web Isolation Platform and any of the Web Proxies solutions;
• Experience in managing Production setup in Run (Operations) mode;
• Ability to apply Risk based approach while working on assigned responsibilities;
• Experience in defining, implementing, and enforcing enterprise-level IT security policies for endpoint and data security solutions;
• Must have working experience in managing endpoint security solution for a Large enterprise level environment, working experience in financial organization is preferred;
• Excellent in analytical, communication and documentation skills;
• Ability to organize work and be able to priories work as per the needs of Production Operation’s needs;
• Must have strong understanding of ITIL processes and comfortable working in process oriented environment;
• Ability to work independently and as well as a part of team and is able to work under minimal supervision;
• Should have time management skills and able to manage work in a fast-paced environment.

Professional Certifications:

• Security Certifications: Comptia Security+, CISSP is highly preferred

Interested applicants, please email your resume to Shaun Quek Yew Meng

Email: shaunquek@recruitexpress.com.sg

CEI Reg No: R1660732

EA Licence No: 99C4599

About Us!
The mission of Housing & Development Board (HDB) is to provide affordable, quality housing and a great living environment where communities thrive. To achieve its mission, HDB aims to be data-driven to the core and adopt evidence-based decision making in developing better housing policies service, improving service delivery and optimising operations.

What Will You Do?

• Work with key stakeholders to ensure high cybersecurity posture of HDB applications through activities such as the following:

i. Develop and promote Secure Coding Practices.
ii. Collaborate with project teams to ensure compliance with Vulnerability Assessment & Penetration Testing requirements.
iii. Review security test reports and provide recommendations on remediation measures to application project teams, where necessary.
iv. Procure and maintain security testing tools to support Static Application Security, Dynamic Application Security Testing and Vulnerability Assessment & Penetration Testing.
v. Study and propose CI/CD pipeline to support DevSecOps.
vi. Perform Software Composition Analysis.

• Develop, maintain, and operationalise a Threat Risk Assessment framework for HDB to identify and mitigate the threats and risks in its IT systems and programmes.

• Manage and promote IT security awareness and outreach programme.

You are also to:
• Keep abreast of the latest industry Software security practices and technologies to manage emerging threats and vulnerabilities.
• Recommend and implement appropriate measures to improve the HDB Applications security posture.
• Lead and/or participate in the research and adoption of new technological advances and best practices in software security to mitigate future security threats.

You will be a Great Fit if you:

• Possess a strong background in software development with popular web/mobile technologies such as HTML, Javascript, Node.js, Angular, Java, ASP.NET, C#, PHP, Ruby, etc with knowledge on ICT Security, Information Security and Secure Coding.

• Have at least 2 year of relevant ICT security work experience.

• Possess one or more appropriate IT security certifications, such as CSSLP, CISSP, CRISC, CISM, CISA, CEH, OSCP, CREST etc.

• Have strong knowledge and experience in Information and Cybersecurity Risks, Vulnerability Assessment & Penetration Testing, Cloud Security, Container Security, Mobile Security, DevSecOps, Cryptography and other industry IT/cyber security best-practices.

Good to Have:

• Able to drive new initiatives for Cloud Security.
• Possess good interpersonal and communication skills.
• Proactive to troubleshoot with excellent problem-solving skills.
• Fluent in written and spoken English.
• Meticulous attention to details
• Work beyond business hours including weekend when necessary.

Successful candidates will be offered a 1+1 year contract in the first instance. Conversion to perm is dependent on good performance.

Please apply for the job through the Careers@Gov job portal as linked:

https://www.careers.hrp.gov.sg/sap/bc/ui5_ui5/sap/ZGERCFA004/index.html#/JobDescription/14542112/2fc68717-fd53-1ede-bce4-bfa2bfcdb29f

Job Responsibilities:

• Ability to deploy, configure and fine-tune security policies as well as performing threat hunting to proactively response to potential cyber threats.
• Manage and operate the IT Security Protection System which includes liaising with Maintenance Contractor to address technical & security issues and Health Checks.
• Manage and investigate Events of Interests and security vulnerabilities to identify early indicators and work with the respective team to address them.
• Facilitate and support (internal and external parties) on Cyber Security Incident management and response.
• Enforce IT Security Policy compliance which includes assessment of security posture of the organisation’s IT assets as well as recommending appropriate measures and controls to mitigate security threats within the organisation.
• Assist in all internal & external IT audits. Follow-up with the respective Risk Owners to remediate audit findings.
• Review and enhance IT security policies, procedure and documentations with respect to industry standards and best practices.
• Facilitate, plan and conduct Cyber Security Awareness Training, including Cyber Security Exercises.
• Be on standby for any critical security alerts and incident management after office hours.

Job Requirements:

• Degree in Information Technology or Information Security or related discipline
• Minimum 3 years of working experience in Cyber Security field.
• Good Knowledge in Cyber Security Management, IT Compliance and/or Risk Management.
• Hands-on experience with Windows or Linux OS.
• Familiar with ISO27001 and/or PCI Data Security Standards.
• Hands-on experience on Microsoft Azure Cloud Security technologies (MS Sentinel, MS Defender...etc) as well as other Enterprise Security Appliances; such as Privileged Access management & Vulnerability Management tools.
• Familiar with modernised A.I and SecOps tools.
• Possess good project management and report writing skills.
• Security Screening will be required for potential candidates.

To apply, please visit www.gmprecruit.com and search for Job Reference: 24196

To learn more about this opportunity, please contact Gia Grace at gia.grace@gmprecruit.com

We regret that only shortlisted candidates will be notified.

GMP Technologies (S) Pte Ltd | EA License: 11C3793 | EA Personnel: Bautista Gia Grace De Guzman | Registration No: R23111973

The ideal Cyber Security Engineer will have experience with cloud technologies, particularly Azure and
O365, however general knowledge of cloud technologies and security controls will be considered
favourably.

You will also possess a strong background in configuring cloud components to align with recognised
security baselines. As a Security Engineer, you will play a crucial role in ensuring the security of internal
programs, working closely with cross-functional teams to implement and maintain secure configurations.

Specific responsibilities include:

• Work closely with internal stakeholders to understand program requirements and security needs.
• Design and configure cloud components on-premise and in Azure and O365 to align with
recognised security baselines and best practices.
• Implement and maintain security controls to protect internal programs from cyber threats.
• Conduct security assessments and audits to identify vulnerabilities and recommend remediation
actions.
• Monitor security logs and alerts to detect and respond to security incidents in a timely manner.
• Collaborate with other security team members to develop and implement security policies and
procedures.
• Provide security guidance and support to development teams to ensure the secure design and
implementation of internal programs.
• Stay up-to-date with the latest security trends and technologies, recommending new approaches to
enhance security posture.
• Document security configurations, processes, and procedures, ensuring they are well-documented
and easily accessible to relevant stakeholders.

Skills and experience required:

These are hands-on roles and successful candidate will be comfortable in designing, configuring and
operating technical security capabilities.
• Minimum of 3 years experience in Security Engineering, with a focus on cloud technologies.
• Experience configuring cloud components in Azure and O365 to align with recognized security
baselines.
• Strong understanding of security frameworks and standards, such as NIST, ISO, CIS, SACSF, ISM.
• Excellence in technical concepts with demonstrated commitment to expanding knowledge.
• Experience with security assessment tools and techniques.
• Excellent communication and interpersonal skills, with the ability to effectively communicate
security-related concepts to technical and non-technical stakeholders.
• Strong analytical and problem-solving skills, with the ability to identify and mitigate security risks
effectively.
• Ability to work independently and collaboratively in a fast-paced environment.

Our client, one of Asia-Pacific’s leading organizations is looking for:

IT Security / CyberSecurity Engineer

Responsibilities:

• Provide security consultancy in area of threat and risk assessment throughout the system lifecycle from implementation to maintenance
• Perform security operational work including security configuration, setup of applications or solutions to meet security requirements, patching, upgrading security patches
• Plan and participate in areas of security operations to ensure that processes meet defined information security policies and standards, and evolving security threats
• Perform vulnerability assessment using automated tools and recommend actionable follow up to remediate the vulnerabilities and/or threats uncovered
• Lead and manage security assessments of system that include configuration review, vulnerability scanning and penetration testing

Requirements:

• Degree in Computing, Computer Science, Engineering, Information Systems or related field; Security Certifications like CISA, GSEC, CISSP an advantage
• Experience in end user device management, network security, secure design and incident response
• Experience with DevSecOps methodology and toolsets
• Experience with Agile methodology and using common documentation, ticketing tools (e.g., Jira, Confluence)
• Experience in using cloud security tools and configuration AWS and Azure
• Familiarity with security and compliance frameworks such as ISO 27001, NIST Cybersecurity framework

-------------------------------------------------------------------------------------------------------

Interested applicants can also email CV at harry@nsearchglobal.com (for faster processing, please state the exact job / position title applied “CyberSecurity Engineer”

Only shortlisted candidates will be notified.

-------------------------------------------------------------------------------------------------------

EA License Number: 10C3636
EA Personnel Name: Arora, Hardeep
EA Personnel Registration Number: R1111454

Job Description

We are seeking a highly motivated and experienced IT Security Analyst to join our team and play a pivotal role in safeguarding our organization's IT infrastructure and data. You will be responsible for identifying, assessing, and mitigating IT risks, ensuring compliance with relevant regulations/best practice, and supporting our IT security operations.

Risk Management:

• Conduct regular threat, risks and vulnerability assessments.
• Assess technologies and solutions against cyber security standard.
• Identify, analyse, and prioritize IT security risks.
• Develop and oversees implementation of risk mitigation strategies and controls.
• Maintain and update the organization's risk register.

Compliance:

• Stay up-to-date on relevant IT security regulations and standards (e.g., PCI-DSS, ITRM, IM8, etc).
• Develop and implement security policies and procedures.
• Monitor and audit compliance activities.
• Report on compliance status to relevant stakeholders.
• Establish compliance initiatives to ensure conformance with security requirements

Security Operations:

• Monitor security logs and events for suspicious activity.
• Monitor and mitigate potential data loss events, and investigate suspected incidents.
• Investigate security incidents and implement appropriate response measures.
• Participate in incident response exercises and simulations.
• Assist with the deployment and maintenance of security tools and technologies.

Collaboration:

• Work closely with IT operations, development, and other business units to promote security awareness and best practices.
• Provide guidance and training to employees on security policies and procedures.
• Collaborate with external auditors and regulators.
• Prepare regular management reports on overall IT security posture.

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or related field (or equivalent experience).
• Minimum of 3-5 years of experience in IT security, risk management, and compliance.
• Strong understanding of IT security concepts, frameworks, and methodologies.
• Working knowledge of relevant IT security regulations and standards.
• Experience with security tools and technologies (e.g., vulnerability scanners, SIEM, IDS/IPS).
• CISA / CISM / CISSP certifications will be an added advantage
• Knowledge in PHP, C++ and Java programming will be an advantage
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills.
• Self-driven and independent, with good attention to detail and quality
• • Ability to work independently and as part of a team