Job Details



Refer Job: Send to a Friend
  • Share this on Facebook
  • Share this on LinkedIn

Add Add to Saved Jobs

Back

Information Technology - Cyber Security Risk Specialist

Job Description
You will be a member of the Group Information Security Team responsible for ensuring corporate applications, systems, networks, and digital assets are adequately protected and mitigated against cyber threats and risks. You will help lead cybersecurity and risk management efforts within the Singapore Airlines Group.

Key Responsibilities:

  • Provide consultancy, technical guidance, expertise, solutioning and education on cyber security related framework, best practices, security intelligence, methodology etc
  • Advise application teams on application security design that is relevant and fit for purpose
  • Conduct risk assessments,document results, and propose and track remediation tasks.
  • Routinely assess existing infrastructure, systems, and applications for compliance and vulnerabilities and propose relevant mitigating controls.
  • Identify and assess cyber risks, and recommend and drive cyber security solution and initiatives to improve cyber security of the organisation.
  • Conduct vulnerability assessments and track remediation status of identified vulnerabilities.
  • Maintain awareness and provide security advisory on emerging security threats and vulnerabilities.
  • Assess security aspects of new technologies and define security control requirements.
  • Track latest IT security innovations and keeping abreast of latest cyber security technologies.
  • Participate in incident management and handling.

 
Requirements

  • Degree in IT or related fields, with 5-6 years relevant information security working experience, especially in the application security space.
  • Professional security certifications (CISSP, CISA, CCSP, GPEN, CEH etc) preferred.
  • Experience in security technologies, practices, application/network/systems architecture and design, tests tools and processes.
  • Prior experience in Java, web, iOS, Android, AWS development.
  • Strong in-depth working knowledge in secure application development techniques (design and coding).
  • Strong understanding of Agile, DevSecOps and securing cloud technologies.
  • Knowledge of cyber security threats, vulnerabilities, hacking and exploit methods etc.
  • Knowledge and experience in threat hunting, anomaly/compromise detection and analysis will be advantageous.
  • Strong oral, written, presentation and inter-personal skills.
  • Possess positive attitude with drive, initiative, enthusiasm and a keen sense of urgency in resolving high-priority issues.
  • Able to work independently and in a team-oriented, collaborative environment.