Senior Specialist, Cyber Security

  • Sector: LMA Asia Technology
  • Contact: Cindy Nguyen
  • Contact Email: cindy.nguyen@lmarecruitment.asia
  • Client: LMA
  • Location: Singapore
  • Salary: S$6500 - S$7500 per month
  • Expiry Date: 18 May 2022
  • Job Ref: BBBH370131_1645069600

Our client, a multinational MNC with a prominent brand has an opening for a Senior Specialist, Cyber Security. The Senior Specialist, Cyber Security is responsible to:

  1. Ensure the implementation of cyber security policies, standards and regulations, best practice guidelines, support tools and projects in line with the organisational security policies and IT Security Strategy.
  2. Implementation of fit for purpose cyber security defence and incident response programs globally.
  3. Provide technical guidance, expertise, and education on Cyber Security related framework, best practices, security intelligence, methodology and reporting, and support information asset owners related to a particular cyber security threat/vulnerability assessment, identify appropriate counter measures, and timely response to cyber security incidents.


YOUR TASKS:
* Support implementation of Cyber Security Program (Cyber Security Expertise Center) in the company.
* Deliver Application Security Assessment activities with entities within external suppliers/customers.
* Conduct in-depth assessments on the applications using SAST, DAST, Penetration Testing, Red Teaming Activities to determine application security posture and potential vulnerabilities.
* Conduct Application Source Code Reviews using SAST Methodology.
* Provide input guidance to the design and development of solutions selected from the cyber security counter measure plan by conducting Threat Modelling on the applications.
* Support processes that can be implemented in the project lifecycle of projects, and drive the implementation globally.
* Support global awareness trainings and programs on Cyber Security.
* Deliver reporting to the organisational Information Security Committee (ISC) ensuring appropriate visibility to existing and new cyber security intelligent, threats and incidents.
* Ensure that appropriate security counter measures and plans are developed by Business IT, IT Services and its IT service suppliers.
* Participate in Cyber Security forum (White/Black hat), law enforcements (Interpol, EUpol, Country SIRT), Security Intelligence agencies/vendors, to ensure that approach is up-to-date with leading edge industry security intelligence and counter measures.
* Indirect support of Corporate Functions (Security, Compliance, Data Protection) and external customers/suppliers for cyber security related request.
* Report the effectiveness of cyber security readiness to technical asset owner with explicit focus on high risk / high impact threats/vulnerabilities/incidents and actions being taken for mitigation.
* Provide support to the Risk/Compliance/Audit function on cyber risk exposures.
* Provide input to the design and development of management practices and solutions selected from the cyber security counter measure plan.
* Maintain Cyber Security response & reporting plan within areas of responsibility.
* Develop and deliver Cyber Security best practices/processes/tool.
* Perform threat and vulnerability assessment, and control selection to identify fit-for-purpose counter measures.
* Work with global, regional and country stakeholders to support the cyber security reviews.

WHAT WE NEED FROM YOU:
* Minimum 5 to 8 years in Information or Cyber Security, preferably in Applications Security Assessment role.
* Minimum 5 to 8 years experiences in Vulnerability Assessment, Penetration Testing & Source Code Reviews of Web, Mobile and Thick Client Applications.
* Formal information security accreditation (e.g. CEH, OSCP, CISSP, CISM, CISA,CRISC or equivalent experience).
* In-depth knowledge of Cyber Security practices and methodologies.
* Good security testing techniques tools and methodologies (OSSTMM and OWASP Top 10, OWASP ASVS, SANS).
* DevSecOps experience preferred.
* Good operations knowledge on Cyber Security incident investigation and response.
* Sound analytic and reasoning skills.
* Broad IT service / technical knowledge Network/ Infrastructure/ OS/ Database/ Application/ Mobile App).
* Good organizational and cultural awareness.
* Minimum degree level or equivalent of relevant disciplines.

Company Reg. No.: 201131609D | Licence No.: 11C4684 | EA Reg No.: R 1440978