Lead Consultant
Malaysia, Malaysia
4 hari yang lepas

Realise your full potential with Asia's leading communications group. While we take pride in our 130-year heritage, our philosophy is to always look forward and evolve.

Today, we are a leader in cutting-edge ICT innovation and digital advances, powered by a vast network of offices in countries and territories across Asia Pacific, the Middle East, Europe and the USA.

Come be a part of our dynamic organisation as we create the infocomms landscape of the future.

Key Responsibilites : Security Advisory Management

Security Advisory Management

  • To manage the assessment of applicability and security risks of both regular as well as out-of-band security vulnerability notifications and other security advisories.
  • To review and manage the vulnerability remediation status updates
  • Cybersecurity Protection of the IT assets

  • To drive the security hardening of IT assets in accordance to approved Standards, Policy and Best Practices
  • Security Incident Management

  • To be the focal point. for the Security Incidents for Notification, Escalation, Reporting and Documentation
  • To track and follow-up on Security Events and Incidents and to provide management status updates
  • To lead and manage Security Incident Tabletop exercises
  • Vulnerability Scanning, Remediation & Reporting

  • To manage the conducting of Vulnerability Assessment or Penetration Testing and the remediation of any vulnerabilities found during such exercises
  • Conducting of Security Awareness Briefings

  • To conduct Security Awareness Trainings.
  • Conducting of Security Spot Checks

  • To drive and manage Physical Security Spot Checks.
  • Security Event / Alert Management

  • To perform investigation, impact assessment and remediation upon receipt of security events / alerts issued by Security Operations Centre and / or other sources
  • Security Governance & Audit-Related Activities

  • To drive Security Risk Assessment activities and to manage the risks identified.
  • To drive Audit-Related Activities such as ISO27000 Information Security Management System (ISMS).
  • Security Self-Assessments, Data Collation, Reporting & Meetings

  • To drive self-assessments and the collation of data required for reporting by the Cybersecurity Resiliency Committee, Group Risk and Chief Information Security Officer (CISO)
  • To collate and to provide status updates to management for out-of-band or emergency security advisories and notifications
  • Regular Security Reviews

  • To conduct Regular Security Reviews such as Log Review, Access Rights Reviews, User Recertification, etc.
  • Writing of Security Process & Policies

  • To create and / or to update Security Process & Policies that are applicable to the Department.
  • Job Requirements :

  • Diploma or higher in Computer Science, Engineering and Information Systems
  • 5 Years in the area of security governance, audit & compliance
  • Certification in Security Governance-, Audit- or Compliance-related fields issued by an accredited body such as : -

  • IRCA ISO27001 Lead Auditor
  • Mile2 C)ISSM / C)ISSA / C)ISRM
  • Excellent English written and verbal communication skills
  • Possess organisational capabilities and to work across departments
  • Good working knowledge of Security Advisories, Security Protection Devices, OS Hardening, Vulnerability Scanning, Log & Access Rights Reviews, User Recertification, Security Events and Incidents,
  • Let’s shape a better world through technology. Join us to lead the change.

    Note to Recruitment Agencies

    In sourcing for candidates for particular roles, the Singtel Group works only with a panel of selected recruitment agencies expressly engaged under written agreements.

    Even then, these agencies are only activated from time to time for specific recruitment exercises for particular roles under instructions expressly issued by a member of the Singtel Talent Acquisition team.

    Except under such circumstances, no agency shall source or attempt to source any candidates for the Singtel Group. The Singtel Group will not pay nor be obliged or liable to pay any recruitment fees of any kind whatsoever to any agency where candidate CVs are submitted to the Singtel Group by such agency on an unsolicited or speculative basis.

    The Singtel Group reserves all rights to directly contact any candidate to which such CVs relate without any obligation or liability whatsoever to the agency concerned (including without limitation any obligation or liability to pay any recruitment fees of any kind).

    E-mel saya
    Dengan mengklik 'Teruskan', saya bersetuju dengan Privasi Lihat di sini
    Borang permohonan