We are looking for a Cyber Security Consultant who will be responsible for monitoring and responding to cybersecurity threats for systems, applications and Infrastructure. This role requires a solid understanding of incident response and security investigations.
In addition, you will be required to propose and integrate security practices and processes into software development and how security testing can be integrated and automated as part of software delivery pipelines.
Mandatory Skill(s)
- Degree in Cyber Security, Computer Science, Engineering or Information Technology;
- At least 5 years of work experience in Information Security operations, policies and procedures;
- Demonstrated working knowledge of technology processes, security policies, standards, controls, and risk measurements;
- Proven record in identification, investigation and resolution of potential IT security risks, controls and process gaps;
- Capability to perform vulnerability assessments and penetration testing;
- Ability to look at multiple aspects of Security design and management;
- Experience with intrusion detection systems and security event analysis;
- Experience in preparing tender specifications for security operations centre and creating SOP for incident response;
- Has provided security advisory, risk assessment, project advisory on Security Architecture, Systems Security Acceptance Testing (SSAT);
- Ability to work with cross-functional, multi-disciplined team to formulate, institute and monitor security policies and procedures;
- Preempt any risks and mitigate any threats or problematic areas proactively;
- Excellent communication skills and emotional intelligence to influence key decisions, mediate conflicts and build consensus.
Desirable Skill(s)
- CISSP, CISA, CISM CompTIA Security+ or equivalent professional certifications.
Responsibilities
- Analyze security tools, systems , applications and Infrastructure to detect possible weaknesses and suggest potential remediation;
- Source, manage and oversee the external service providers to conduct annual vulnerability assessment and penetration testing;
- Follow established procedures to manage security alerts and coordinate with other support teams as necessary;
- Apply security controls as per industrial best practices, security standards and guidelines such as OWASP top 10, NIST, CIS;
- Contribute to the development and maintenance of security policies & procedures, configuration and standards aligned with ISO 27001;
- Assist in security incident investigations across different locations and environments and be a part of the audit team;
- Collaborate with the various stakeholders to devise strategies in order to isolate an incident threat, identify the root cause and implement mitigation procedures;
- Provide project security advisory and ensure overall compliance to security policies in the areas of Security Acceptance Tests, Vulnerability Assessments, Penetration Tests and Security Audits;
- Submit regular reports on threats, vulnerabilities, and incidents and present on new age systems to be introduced in the organization;
- Keep abreast with the latest mitigation techniques and technologies.
If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Cecilia Chong at cecilia@sciente.com quoting the job title.
